hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 20:25:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Add sanitizer for "in" exprs

Browse Source
This commit is contained in:
Asger F
2019-11-26 15:14:19 +00:00
committed by Asger Feldthaus
parent 7ac30e2289
commit 9bd3c4a11c
3 changed files with 70 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
javascript/ql/test/query-tests/Security/CWE-400/PrototypePollutionUtility.expected
View File

@@ -815,6 +815,23 @@ nodes
| PrototypePollutionUtility/tests.js:322:28:322:32 | value |
| PrototypePollutionUtility/tests.js:322:28:322:32 | value |
| PrototypePollutionUtility/tests.js:322:28:322:32 | value |
| PrototypePollutionUtility/tests.js:328:30:328:32 | src |
| PrototypePollutionUtility/tests.js:328:30:328:32 | src |
| PrototypePollutionUtility/tests.js:336:42:336:44 | src |
| PrototypePollutionUtility/tests.js:336:42:336:44 | src |
| PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] |
| PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] |
| PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] |
| PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] |
| PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] |
| PrototypePollutionUtility/tests.js:338:28:338:30 | src |
| PrototypePollutionUtility/tests.js:338:28:338:30 | src |
| PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] |
| PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] |
| PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] |
| PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] |
| PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] |
| PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] |
| examples/PrototypePollutionUtility.js:1:16:1:18 | dst |
| examples/PrototypePollutionUtility.js:1:16:1:18 | dst |
| examples/PrototypePollutionUtility.js:1:21:1:23 | src |
@@ -1950,6 +1967,23 @@ edges
| PrototypePollutionUtility/tests.js:320:42:320:44 | key | PrototypePollutionUtility/tests.js:320:38:320:45 | dst[key] |
| PrototypePollutionUtility/tests.js:320:48:320:52 | value | PrototypePollutionUtility/tests.js:314:36:314:38 | src |
| PrototypePollutionUtility/tests.js:320:48:320:52 | value | PrototypePollutionUtility/tests.js:314:36:314:38 | src |
| PrototypePollutionUtility/tests.js:328:30:328:32 | src | PrototypePollutionUtility/tests.js:336:42:336:44 | src |
| PrototypePollutionUtility/tests.js:328:30:328:32 | src | PrototypePollutionUtility/tests.js:336:42:336:44 | src |
| PrototypePollutionUtility/tests.js:328:30:328:32 | src | PrototypePollutionUtility/tests.js:338:28:338:30 | src |
| PrototypePollutionUtility/tests.js:328:30:328:32 | src | PrototypePollutionUtility/tests.js:338:28:338:30 | src |
| PrototypePollutionUtility/tests.js:336:42:336:44 | src | PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] |
| PrototypePollutionUtility/tests.js:336:42:336:44 | src | PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] |
| PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] | PrototypePollutionUtility/tests.js:328:30:328:32 | src |
| PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] | PrototypePollutionUtility/tests.js:328:30:328:32 | src |
| PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] | PrototypePollutionUtility/tests.js:328:30:328:32 | src |
| PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] | PrototypePollutionUtility/tests.js:328:30:328:32 | src |
| PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] | PrototypePollutionUtility/tests.js:328:30:328:32 | src |
| PrototypePollutionUtility/tests.js:336:42:336:49 | src[key] | PrototypePollutionUtility/tests.js:328:30:328:32 | src |
| PrototypePollutionUtility/tests.js:338:28:338:30 | src | PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] |
| PrototypePollutionUtility/tests.js:338:28:338:30 | src | PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] |
| PrototypePollutionUtility/tests.js:338:28:338:30 | src | PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] |
| PrototypePollutionUtility/tests.js:338:28:338:30 | src | PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] |
| PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] | PrototypePollutionUtility/tests.js:338:28:338:35 | src[key] |
| examples/PrototypePollutionUtility.js:1:16:1:18 | dst | examples/PrototypePollutionUtility.js:5:19:5:21 | dst |
| examples/PrototypePollutionUtility.js:1:16:1:18 | dst | examples/PrototypePollutionUtility.js:5:19:5:21 | dst |
| examples/PrototypePollutionUtility.js:1:16:1:18 | dst | examples/PrototypePollutionUtility.js:7:13:7:15 | dst |

16
javascript/ql/test/query-tests/Security/CWE-400/PrototypePollutionUtility/tests.js
View File

@@ -324,3 +324,19 @@ function mergeRephinementNode(dst, src) {
}
}
}
function mergeSelective(dst, src) {
for (let key in src) {
if (src.hasOwnProperty(key)) {
// Only 'prefs' is merged recursively
if (key in dst && key !== 'prefs') {
continue;
}
if (dst[key]) {
mergeSelective(dst[key], src[key]);
} else {
dst[key] = src[key]; // OK
}
}
}
}