hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JavaScript: Add new tests.

Browse Source
This commit is contained in:
Max Schaefer
2018-09-04 10:36:50 +01:00
parent 3affe922e3
commit 910d6de47d
2 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
javascript/ql/test/library-tests/InterProceduralFlow/TaintTracking.expected
View File

@@ -36,6 +36,9 @@
| tst2.js:3:17:3:26 | "tainted2" | tst2.js:11:15:11:24 | g(source2) |
| tst2.js:6:24:6:37 | "also tainted" | tst2.js:10:15:10:24 | g(source1) |
| tst2.js:6:24:6:37 | "also tainted" | tst2.js:11:15:11:24 | g(source2) |
| tst4.js:2:16:2:24 | "tainted" | tst4.js:15:15:15:31 | id(still_tainted) |
| tst4.js:2:16:2:24 | "tainted" | tst4.js:16:15:16:28 | p.also_tainted |
| tst4.js:2:16:2:24 | "tainted" | tst4.js:17:15:17:28 | substr(source) |
| tst.js:2:17:2:22 | "src1" | tst.js:3:15:3:29 | String(source1) |
| tst.js:2:17:2:22 | "src1" | tst.js:4:15:4:29 | RegExp(source1) |
| tst.js:2:17:2:22 | "src1" | tst.js:5:15:5:33 | new String(source1) |

18
javascript/ql/test/library-tests/InterProceduralFlow/tst4.js Normal file
View File

@@ -0,0 +1,18 @@
(function(p) {
let source = "tainted";
function id(x) {
return x;
}
function substr(x) {
return x.substring(2);
}
var still_tainted = source.substring(2);
p.also_tainted = still_tainted;
let sink1 = id(still_tainted);
let sink2 = p.also_tainted;
let sink3 = substr(source);
});