hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Shift line numbers in TemplateObjectInjection test

Browse Source
This commit is contained in:
Asger Feldthaus
2021-10-28 10:03:00 +02:00
parent 5f8ea3965d
commit 8af430d40f
2 changed files with 54 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
javascript/ql/test/query-tests/Security/CWE-073/TemplateObjectInjection.expected
View File

@@ -29,31 +29,31 @@ nodes
| tst2.js:51:25:51:46 | req.bod ... rameter |
| tst2.js:52:28:52:40 | bodyParameter |
| tst2.js:52:28:52:40 | bodyParameter |
| tst.js:5:9:5:46 | bodyParameter |
| tst.js:5:25:5:32 | req.body |
| tst.js:5:25:5:32 | req.body |
| tst.js:5:25:5:46 | req.bod ... rameter |
| tst.js:6:9:6:49 | queryParameter |
| tst.js:6:9:6:49 | queryParameter |
| tst.js:6:26:6:49 | req.que ... rameter |
| tst.js:6:26:6:49 | req.que ... rameter |
| tst.js:6:26:6:49 | req.que ... rameter |
| tst.js:8:28:8:40 | bodyParameter |
| tst.js:8:28:8:40 | bodyParameter |
| tst.js:9:28:9:41 | queryParameter |
| tst.js:9:28:9:41 | queryParameter |
| tst.js:18:19:18:32 | queryParameter |
| tst.js:18:19:18:32 | queryParameter |
| tst.js:21:24:21:26 | obj |
| tst.js:21:24:21:26 | obj |
| tst.js:22:28:22:30 | obj |
| tst.js:22:28:22:30 | obj |
| tst.js:24:11:24:24 | str |
| tst.js:24:17:24:19 | obj |
| tst.js:24:17:24:24 | obj + "" |
| tst.js:27:28:27:42 | JSON.parse(str) |
| tst.js:27:28:27:42 | JSON.parse(str) |
| tst.js:27:39:27:41 | str |
| tst.js:7:9:7:46 | bodyParameter |
| tst.js:7:25:7:32 | req.body |
| tst.js:7:25:7:32 | req.body |
| tst.js:7:25:7:46 | req.bod ... rameter |
| tst.js:8:9:8:49 | queryParameter |
| tst.js:8:9:8:49 | queryParameter |
| tst.js:8:26:8:49 | req.que ... rameter |
| tst.js:8:26:8:49 | req.que ... rameter |
| tst.js:8:26:8:49 | req.que ... rameter |
| tst.js:10:28:10:40 | bodyParameter |
| tst.js:10:28:10:40 | bodyParameter |
| tst.js:11:28:11:41 | queryParameter |
| tst.js:11:28:11:41 | queryParameter |
| tst.js:20:19:20:32 | queryParameter |
| tst.js:20:19:20:32 | queryParameter |
| tst.js:23:24:23:26 | obj |
| tst.js:23:24:23:26 | obj |
| tst.js:24:28:24:30 | obj |
| tst.js:24:28:24:30 | obj |
| tst.js:26:11:26:24 | str |
| tst.js:26:17:26:19 | obj |
| tst.js:26:17:26:24 | obj + "" |
| tst.js:29:28:29:42 | JSON.parse(str) |
| tst.js:29:28:29:42 | JSON.parse(str) |
| tst.js:29:39:29:41 | str |
edges
| tst2.js:6:9:6:46 | bodyParameter | tst2.js:7:28:7:40 | bodyParameter |
| tst2.js:6:9:6:46 | bodyParameter | tst2.js:7:28:7:40 | bodyParameter |
@@ -80,36 +80,36 @@ edges
| tst2.js:51:25:51:32 | req.body | tst2.js:51:25:51:46 | req.bod ... rameter |
| tst2.js:51:25:51:32 | req.body | tst2.js:51:25:51:46 | req.bod ... rameter |
| tst2.js:51:25:51:46 | req.bod ... rameter | tst2.js:51:9:51:46 | bodyParameter |
| tst.js:5:9:5:46 | bodyParameter | tst.js:8:28:8:40 | bodyParameter |
| tst.js:5:9:5:46 | bodyParameter | tst.js:8:28:8:40 | bodyParameter |
| tst.js:5:25:5:32 | req.body | tst.js:5:25:5:46 | req.bod ... rameter |
| tst.js:5:25:5:32 | req.body | tst.js:5:25:5:46 | req.bod ... rameter |
| tst.js:5:25:5:46 | req.bod ... rameter | tst.js:5:9:5:46 | bodyParameter |
| tst.js:6:9:6:49 | queryParameter | tst.js:9:28:9:41 | queryParameter |
| tst.js:6:9:6:49 | queryParameter | tst.js:9:28:9:41 | queryParameter |
| tst.js:6:9:6:49 | queryParameter | tst.js:18:19:18:32 | queryParameter |
| tst.js:6:9:6:49 | queryParameter | tst.js:18:19:18:32 | queryParameter |
| tst.js:6:26:6:49 | req.que ... rameter | tst.js:6:9:6:49 | queryParameter |
| tst.js:6:26:6:49 | req.que ... rameter | tst.js:6:9:6:49 | queryParameter |
| tst.js:6:26:6:49 | req.que ... rameter | tst.js:6:9:6:49 | queryParameter |
| tst.js:6:26:6:49 | req.que ... rameter | tst.js:6:9:6:49 | queryParameter |
| tst.js:18:19:18:32 | queryParameter | tst.js:21:24:21:26 | obj |
| tst.js:18:19:18:32 | queryParameter | tst.js:21:24:21:26 | obj |
| tst.js:21:24:21:26 | obj | tst.js:22:28:22:30 | obj |
| tst.js:21:24:21:26 | obj | tst.js:22:28:22:30 | obj |
| tst.js:21:24:21:26 | obj | tst.js:24:17:24:19 | obj |
| tst.js:24:11:24:24 | str | tst.js:27:39:27:41 | str |
| tst.js:24:17:24:19 | obj | tst.js:24:17:24:24 | obj + "" |
| tst.js:24:17:24:24 | obj + "" | tst.js:24:11:24:24 | str |
| tst.js:27:39:27:41 | str | tst.js:27:28:27:42 | JSON.parse(str) |
| tst.js:27:39:27:41 | str | tst.js:27:28:27:42 | JSON.parse(str) |
| tst.js:7:9:7:46 | bodyParameter | tst.js:10:28:10:40 | bodyParameter |
| tst.js:7:9:7:46 | bodyParameter | tst.js:10:28:10:40 | bodyParameter |
| tst.js:7:25:7:32 | req.body | tst.js:7:25:7:46 | req.bod ... rameter |
| tst.js:7:25:7:32 | req.body | tst.js:7:25:7:46 | req.bod ... rameter |
| tst.js:7:25:7:46 | req.bod ... rameter | tst.js:7:9:7:46 | bodyParameter |
| tst.js:8:9:8:49 | queryParameter | tst.js:11:28:11:41 | queryParameter |
| tst.js:8:9:8:49 | queryParameter | tst.js:11:28:11:41 | queryParameter |
| tst.js:8:9:8:49 | queryParameter | tst.js:20:19:20:32 | queryParameter |
| tst.js:8:9:8:49 | queryParameter | tst.js:20:19:20:32 | queryParameter |
| tst.js:8:26:8:49 | req.que ... rameter | tst.js:8:9:8:49 | queryParameter |
| tst.js:8:26:8:49 | req.que ... rameter | tst.js:8:9:8:49 | queryParameter |
| tst.js:8:26:8:49 | req.que ... rameter | tst.js:8:9:8:49 | queryParameter |
| tst.js:8:26:8:49 | req.que ... rameter | tst.js:8:9:8:49 | queryParameter |
| tst.js:20:19:20:32 | queryParameter | tst.js:23:24:23:26 | obj |
| tst.js:20:19:20:32 | queryParameter | tst.js:23:24:23:26 | obj |
| tst.js:23:24:23:26 | obj | tst.js:24:28:24:30 | obj |
| tst.js:23:24:23:26 | obj | tst.js:24:28:24:30 | obj |
| tst.js:23:24:23:26 | obj | tst.js:26:17:26:19 | obj |
| tst.js:26:11:26:24 | str | tst.js:29:39:29:41 | str |
| tst.js:26:17:26:19 | obj | tst.js:26:17:26:24 | obj + "" |
| tst.js:26:17:26:24 | obj + "" | tst.js:26:11:26:24 | str |
| tst.js:29:39:29:41 | str | tst.js:29:28:29:42 | JSON.parse(str) |
| tst.js:29:39:29:41 | str | tst.js:29:28:29:42 | JSON.parse(str) |
#select
| tst2.js:7:28:7:40 | bodyParameter | tst2.js:6:25:6:32 | req.body | tst2.js:7:28:7:40 | bodyParameter | Template object injection due to $@. | tst2.js:6:25:6:32 | req.body | user-provided value |
| tst2.js:27:28:27:40 | bodyParameter | tst2.js:26:25:26:32 | req.body | tst2.js:27:28:27:40 | bodyParameter | Template object injection due to $@. | tst2.js:26:25:26:32 | req.body | user-provided value |
| tst2.js:35:28:35:40 | bodyParameter | tst2.js:34:25:34:32 | req.body | tst2.js:35:28:35:40 | bodyParameter | Template object injection due to $@. | tst2.js:34:25:34:32 | req.body | user-provided value |
| tst2.js:43:28:43:40 | bodyParameter | tst2.js:42:25:42:32 | req.body | tst2.js:43:28:43:40 | bodyParameter | Template object injection due to $@. | tst2.js:42:25:42:32 | req.body | user-provided value |
| tst2.js:52:28:52:40 | bodyParameter | tst2.js:51:25:51:32 | req.body | tst2.js:52:28:52:40 | bodyParameter | Template object injection due to $@. | tst2.js:51:25:51:32 | req.body | user-provided value |
| tst.js:8:28:8:40 | bodyParameter | tst.js:5:25:5:32 | req.body | tst.js:8:28:8:40 | bodyParameter | Template object injection due to $@. | tst.js:5:25:5:32 | req.body | user-provided value |
| tst.js:9:28:9:41 | queryParameter | tst.js:6:26:6:49 | req.que ... rameter | tst.js:9:28:9:41 | queryParameter | Template object injection due to $@. | tst.js:6:26:6:49 | req.que ... rameter | user-provided value |
| tst.js:22:28:22:30 | obj | tst.js:6:26:6:49 | req.que ... rameter | tst.js:22:28:22:30 | obj | Template object injection due to $@. | tst.js:6:26:6:49 | req.que ... rameter | user-provided value |
| tst.js:27:28:27:42 | JSON.parse(str) | tst.js:6:26:6:49 | req.que ... rameter | tst.js:27:28:27:42 | JSON.parse(str) | Template object injection due to $@. | tst.js:6:26:6:49 | req.que ... rameter | user-provided value |
| tst.js:10:28:10:40 | bodyParameter | tst.js:7:25:7:32 | req.body | tst.js:10:28:10:40 | bodyParameter | Template object injection due to $@. | tst.js:7:25:7:32 | req.body | user-provided value |
| tst.js:11:28:11:41 | queryParameter | tst.js:8:26:8:49 | req.que ... rameter | tst.js:11:28:11:41 | queryParameter | Template object injection due to $@. | tst.js:8:26:8:49 | req.que ... rameter | user-provided value |
| tst.js:24:28:24:30 | obj | tst.js:8:26:8:49 | req.que ... rameter | tst.js:24:28:24:30 | obj | Template object injection due to $@. | tst.js:8:26:8:49 | req.que ... rameter | user-provided value |
| tst.js:29:28:29:42 | JSON.parse(str) | tst.js:8:26:8:49 | req.que ... rameter | tst.js:29:28:29:42 | JSON.parse(str) | Template object injection due to $@. | tst.js:8:26:8:49 | req.que ... rameter | user-provided value |

2
javascript/ql/test/query-tests/Security/CWE-073/tst.js
View File

@@ -1,6 +1,8 @@
var app = require('express')();
app.set('view engine', 'hbs');
app.post('/path', function(req, res) {
var bodyParameter = req.body.bodyParameter;
var queryParameter = req.query.queryParameter;