hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 20:25:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

JavaScript: Do not taint for-in loop variable.

Browse Source
This commit is contained in:
Max Schaefer
2019-07-18 14:13:10 +01:00
parent f70e7d774f
commit 8b3e647ae9
3 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
javascript/ql/test/query-tests/Security/CWE-079/tst.js
View File

@@ -285,3 +285,10 @@ function testCreateContextualFragment() {
var documentFragment = range.createContextualFragment(tainted); // NOT OK
document.body.appendChild(documentFragment);
}
function flowThroughPropertyNames() {
var obj = {};
obj[Math.random()] = window.name;
for (var p in obj)
$(p); // OK
}