hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

JavaScript: Track flow through forwarding higher-order calls.

Browse Source
This commit is contained in:
Max Schaefer
2019-01-11 09:15:58 +00:00
parent 59bac829b1
commit 7d2d33840a
7 changed files with 49 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
javascript/ql/test/library-tests/InterProceduralFlow/DataFlow.expected
View File

@@ -2,6 +2,7 @@
| a.js:1:15:1:23 | "tainted" | b.js:6:13:6:13 | x |
| a.js:2:15:2:28 | "also tainted" | b.js:5:13:5:29 | notTaintedTrustMe |
| callback.js:16:14:16:21 | "source" | callback.js:13:14:13:14 | x |
| callback.js:27:15:27:23 | "source3" | callback.js:13:14:13:14 | x |
| destructuring.js:2:16:2:24 | "tainted" | destructuring.js:9:15:9:22 | tainted2 |
| destructuring.js:19:15:19:23 | "tainted" | destructuring.js:14:15:14:15 | p |
| destructuring.js:20:15:20:28 | "also tainted" | destructuring.js:15:15:15:15 | r |

1
javascript/ql/test/library-tests/InterProceduralFlow/GermanFlow.expected
View File

@@ -2,6 +2,7 @@
| a.js:1:15:1:23 | "tainted" | b.js:6:13:6:13 | x |
| a.js:2:15:2:28 | "also tainted" | b.js:5:13:5:29 | notTaintedTrustMe |
| callback.js:16:14:16:21 | "source" | callback.js:13:14:13:14 | x |
| callback.js:27:15:27:23 | "source3" | callback.js:13:14:13:14 | x |
| custom.js:1:14:1:26 | "verschmutzt" | custom.js:2:15:2:20 | quelle |
| destructuring.js:2:16:2:24 | "tainted" | destructuring.js:9:15:9:22 | tainted2 |
| destructuring.js:19:15:19:23 | "tainted" | destructuring.js:14:15:14:15 | p |

1
javascript/ql/test/library-tests/InterProceduralFlow/TaintTracking.expected
View File

@@ -3,6 +3,7 @@
| a.js:2:15:2:28 | "also tainted" | b.js:5:13:5:29 | notTaintedTrustMe |
| callback.js:16:14:16:21 | "source" | callback.js:13:14:13:14 | x |
| callback.js:17:15:17:23 | "source2" | callback.js:13:14:13:14 | x |
| callback.js:27:15:27:23 | "source3" | callback.js:13:14:13:14 | x |
| destructuring.js:2:16:2:24 | "tainted" | destructuring.js:5:14:5:20 | tainted |
| destructuring.js:2:16:2:24 | "tainted" | destructuring.js:9:15:9:22 | tainted2 |
| destructuring.js:19:15:19:23 | "tainted" | destructuring.js:14:15:14:15 | p |

8
javascript/ql/test/library-tests/InterProceduralFlow/callback.js
View File

@@ -20,4 +20,12 @@ call(store, confounder); // call with different argument to make sure the call g
// doesn't resolve the call on line 2 for us
map(store, [source2]);
function call2(x, f) {
call(f, x);
}
let source3 = "source3";
call2(source3, store);
call2(source3, confounder);
// semmle-extractor-options: --source-type module