hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 11:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: add qhelp example to test suite

Browse Source
This commit is contained in:
Asger F
2018-11-20 18:44:18 +00:00
parent 4138f814d8
commit 7d80847832
2 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
javascript/ql/test/query-tests/Security/CWE-094/MethodNameInjection/MethodNameInjection.expected
View File

@@ -1,4 +1,12 @@
nodes
| example.js:9:37:9:38 | ev |
| example.js:10:9:10:37 | message |
| example.js:10:19:10:37 | JSON.parse(ev.data) |
| example.js:10:30:10:31 | ev |
| example.js:10:30:10:36 | ev.data |
| example.js:13:5:13:24 | window[message.name] |
| example.js:13:12:13:18 | message |
| example.js:13:12:13:23 | message.name |
| tst.js:3:37:3:38 | ev |
| tst.js:4:9:4:37 | message |
| tst.js:4:19:4:37 | JSON.parse(ev.data) |
@@ -14,6 +22,13 @@ nodes
| tst.js:11:7:11:13 | message |
| tst.js:11:7:11:18 | message.name |
edges
| example.js:9:37:9:38 | ev | example.js:10:30:10:31 | ev |
| example.js:10:9:10:37 | message | example.js:13:12:13:18 | message |
| example.js:10:19:10:37 | JSON.parse(ev.data) | example.js:10:9:10:37 | message |
| example.js:10:30:10:31 | ev | example.js:10:30:10:36 | ev.data |
| example.js:10:30:10:36 | ev.data | example.js:10:19:10:37 | JSON.parse(ev.data) |
| example.js:13:12:13:18 | message | example.js:13:12:13:23 | message.name |
| example.js:13:12:13:23 | message.name | example.js:13:5:13:24 | window[message.name] |
| tst.js:3:37:3:38 | ev | tst.js:4:30:4:31 | ev |
| tst.js:4:9:4:37 | message | tst.js:5:12:5:18 | message |
| tst.js:4:9:4:37 | message | tst.js:6:16:6:22 | message |
@@ -28,6 +43,7 @@ edges
| tst.js:11:7:11:13 | message | tst.js:11:7:11:18 | message.name |
| tst.js:11:7:11:18 | message.name | tst.js:11:5:11:19 | f[message.name] |
#select
| example.js:13:5:13:24 | window[message.name] | example.js:9:37:9:38 | ev | example.js:13:5:13:24 | window[message.name] | Invocation of method derived from $@ may lead to remote code execution. | example.js:9:37:9:38 | ev | user-controlled value |
| tst.js:5:5:5:24 | window[message.name] | tst.js:3:37:3:38 | ev | tst.js:5:5:5:24 | window[message.name] | Invocation of method derived from $@ may lead to remote code execution. | tst.js:3:37:3:38 | ev | user-controlled value |
| tst.js:6:9:6:28 | window[message.name] | tst.js:3:37:3:38 | ev | tst.js:6:9:6:28 | window[message.name] | Invocation of method derived from $@ may lead to remote code execution. | tst.js:3:37:3:38 | ev | user-controlled value |
| tst.js:11:5:11:19 | f[message.name] | tst.js:3:37:3:38 | ev | tst.js:11:5:11:19 | f[message.name] | Invocation of method derived from $@ may lead to remote code execution. | tst.js:3:37:3:38 | ev | user-controlled value |

14
javascript/ql/test/query-tests/Security/CWE-094/MethodNameInjection/example.js Normal file
View File

@@ -0,0 +1,14 @@
// API methods
function play(data) {
// ...
}
function pause(data) {
// ...
}
window.addEventListener("message", (ev) => {
let message = JSON.parse(ev.data);
// Let the parent frame call the 'play' or 'pause' function
window[message.name](message.payload); // NOT OK
});