hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Port experimental CorsPermissiveConfiguration to ConfigSig

Browse Source 
The tests show a new (source, sink) pair for an already-flagged sink.

Not sure why it was not flagged originally since the data flow path seems valid, given the steps provided by our models.
This commit is contained in:
Asger F
2024-11-28 11:46:56 +01:00
parent f5a6485ef2
commit 871bc3b84a
3 changed files with 56 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
javascript/ql/test/experimental/Security/CWE-942/CorsPermissiveConfiguration.expected
View File

@@ -1,50 +1,34 @@
nodes
| apollo-test.js:8:9:8:59 | user_origin |
| apollo-test.js:8:23:8:46 | url.par ... , true) |
| apollo-test.js:8:23:8:52 | url.par ... ).query |
| apollo-test.js:8:23:8:59 | url.par ... .origin |
| apollo-test.js:8:33:8:39 | req.url |
| apollo-test.js:8:33:8:39 | req.url |
| apollo-test.js:11:25:11:28 | true |
| apollo-test.js:11:25:11:28 | true |
| apollo-test.js:11:25:11:28 | true |
| apollo-test.js:21:25:21:28 | null |
| apollo-test.js:21:25:21:28 | null |
| apollo-test.js:21:25:21:28 | null |
| apollo-test.js:26:25:26:35 | user_origin |
| apollo-test.js:26:25:26:35 | user_origin |
| express-test.js:10:9:10:59 | user_origin |
| express-test.js:10:23:10:46 | url.par ... , true) |
| express-test.js:10:23:10:52 | url.par ... ).query |
| express-test.js:10:23:10:59 | url.par ... .origin |
| express-test.js:10:33:10:39 | req.url |
| express-test.js:10:33:10:39 | req.url |
| express-test.js:26:17:26:19 | '*' |
| express-test.js:26:17:26:19 | '*' |
| express-test.js:26:17:26:19 | '*' |
| express-test.js:33:17:33:27 | user_origin |
| express-test.js:33:17:33:27 | user_origin |
edges
| apollo-test.js:8:9:8:59 | user_origin | apollo-test.js:26:25:26:35 | user_origin |
| apollo-test.js:8:9:8:59 | user_origin | apollo-test.js:26:25:26:35 | user_origin |
| apollo-test.js:8:23:8:46 | url.par ... , true) | apollo-test.js:8:23:8:52 | url.par ... ).query |
| apollo-test.js:8:23:8:52 | url.par ... ).query | apollo-test.js:8:23:8:59 | url.par ... .origin |
| apollo-test.js:8:23:8:59 | url.par ... .origin | apollo-test.js:8:9:8:59 | user_origin |
| apollo-test.js:8:33:8:39 | req.url | apollo-test.js:8:23:8:46 | url.par ... , true) |
| apollo-test.js:8:33:8:39 | req.url | apollo-test.js:8:23:8:46 | url.par ... , true) |
| apollo-test.js:11:25:11:28 | true | apollo-test.js:11:25:11:28 | true |
| apollo-test.js:21:25:21:28 | null | apollo-test.js:21:25:21:28 | null |
| express-test.js:10:9:10:59 | user_origin | express-test.js:33:17:33:27 | user_origin |
| express-test.js:10:9:10:59 | user_origin | express-test.js:33:17:33:27 | user_origin |
| express-test.js:10:23:10:46 | url.par ... , true) | express-test.js:10:23:10:52 | url.par ... ).query |
| express-test.js:10:23:10:52 | url.par ... ).query | express-test.js:10:23:10:59 | url.par ... .origin |
| express-test.js:10:23:10:59 | url.par ... .origin | express-test.js:10:9:10:59 | user_origin |
| express-test.js:10:33:10:39 | req.url | express-test.js:10:23:10:46 | url.par ... , true) |
| express-test.js:10:33:10:39 | req.url | express-test.js:10:23:10:46 | url.par ... , true) |
| express-test.js:26:17:26:19 | '*' | express-test.js:26:17:26:19 | '*' |
| apollo-test.js:8:9:8:59 | user_origin | apollo-test.js:26:25:26:35 | user_origin | provenance | |
| apollo-test.js:8:9:8:59 | user_origin | apollo-test.js:26:25:26:35 | user_origin | provenance | |
| apollo-test.js:8:23:8:46 | url.par ... , true) | apollo-test.js:8:9:8:59 | user_origin | provenance | |
| apollo-test.js:8:23:8:46 | url.par ... , true) | apollo-test.js:8:9:8:59 | user_origin | provenance | |
| apollo-test.js:8:33:8:39 | req.url | apollo-test.js:8:23:8:46 | url.par ... , true) | provenance | |
| apollo-test.js:8:42:8:45 | true | apollo-test.js:8:23:8:46 | url.par ... , true) | provenance | |
| express-test.js:10:9:10:59 | user_origin | express-test.js:33:17:33:27 | user_origin | provenance | |
| express-test.js:10:23:10:46 | url.par ... , true) | express-test.js:10:9:10:59 | user_origin | provenance | |
| express-test.js:10:33:10:39 | req.url | express-test.js:10:23:10:46 | url.par ... , true) | provenance | |
nodes
| apollo-test.js:8:9:8:59 | user_origin | semmle.label | user_origin |
| apollo-test.js:8:9:8:59 | user_origin | semmle.label | user_origin |
| apollo-test.js:8:23:8:46 | url.par ... , true) | semmle.label | url.par ... , true) |
| apollo-test.js:8:23:8:46 | url.par ... , true) | semmle.label | url.par ... , true) |
| apollo-test.js:8:33:8:39 | req.url | semmle.label | req.url |
| apollo-test.js:8:42:8:45 | true | semmle.label | true |
| apollo-test.js:11:25:11:28 | true | semmle.label | true |
| apollo-test.js:21:25:21:28 | null | semmle.label | null |
| apollo-test.js:26:25:26:35 | user_origin | semmle.label | user_origin |
| apollo-test.js:26:25:26:35 | user_origin | semmle.label | user_origin |
| express-test.js:10:9:10:59 | user_origin | semmle.label | user_origin |
| express-test.js:10:23:10:46 | url.par ... , true) | semmle.label | url.par ... , true) |
| express-test.js:10:33:10:39 | req.url | semmle.label | req.url |
| express-test.js:26:17:26:19 | '*' | semmle.label | '*' |
| express-test.js:33:17:33:27 | user_origin | semmle.label | user_origin |
subpaths
#select
| apollo-test.js:11:25:11:28 | true | apollo-test.js:11:25:11:28 | true | apollo-test.js:11:25:11:28 | true | CORS Origin misconfiguration due to a $@. | apollo-test.js:11:25:11:28 | true | too permissive or user controlled value |
| apollo-test.js:21:25:21:28 | null | apollo-test.js:21:25:21:28 | null | apollo-test.js:21:25:21:28 | null | CORS Origin misconfiguration due to a $@. | apollo-test.js:21:25:21:28 | null | too permissive or user controlled value |
| apollo-test.js:26:25:26:35 | user_origin | apollo-test.js:8:33:8:39 | req.url | apollo-test.js:26:25:26:35 | user_origin | CORS Origin misconfiguration due to a $@. | apollo-test.js:8:33:8:39 | req.url | too permissive or user controlled value |
| apollo-test.js:26:25:26:35 | user_origin | apollo-test.js:8:42:8:45 | true | apollo-test.js:26:25:26:35 | user_origin | CORS Origin misconfiguration due to a $@. | apollo-test.js:8:42:8:45 | true | too permissive or user controlled value |
| express-test.js:26:17:26:19 | '*' | express-test.js:26:17:26:19 | '*' | express-test.js:26:17:26:19 | '*' | CORS Origin misconfiguration due to a $@. | express-test.js:26:17:26:19 | '*' | too permissive or user controlled value |
| express-test.js:33:17:33:27 | user_origin | express-test.js:10:33:10:39 | req.url | express-test.js:33:17:33:27 | user_origin | CORS Origin misconfiguration due to a $@. | express-test.js:10:33:10:39 | req.url | too permissive or user controlled value |