hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Use type-pruning to restrict callback flow

Browse Source
This commit is contained in:
Asger F
2023-10-10 14:39:53 +02:00
parent e738b5d125
commit 9faf300dd0
4 changed files with 43 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
View File

@@ -5,7 +5,6 @@ legacyDataFlowDifference
| callbacks.js:37:17:37:24 | source() | callbacks.js:41:10:41:10 | x | only flow with NEW data flow library |
| callbacks.js:44:17:44:24 | source() | callbacks.js:37:37:37:37 | x | only flow with NEW data flow library |
| callbacks.js:44:17:44:24 | source() | callbacks.js:38:35:38:35 | x | only flow with NEW data flow library |
| callbacks.js:73:17:73:24 | source() | callbacks.js:74:35:74:35 | x | only flow with NEW data flow library |
| capture-flow.js:89:13:89:20 | source() | capture-flow.js:89:6:89:21 | test3c(source()) | only flow with NEW data flow library |
| capture-flow.js:101:12:101:19 | source() | capture-flow.js:102:6:102:20 | test5("safe")() | only flow with OLD data flow library |
| capture-flow.js:274:33:274:40 | source() | capture-flow.js:272:10:272:17 | this.foo | only flow with OLD data flow library |
@@ -94,7 +93,6 @@ flow
| callbacks.js:51:18:51:25 | source() | callbacks.js:30:29:30:29 | y |
| callbacks.js:53:23:53:30 | source() | callbacks.js:58:10:58:10 | x |
| callbacks.js:73:17:73:24 | source() | callbacks.js:73:37:73:37 | x |
| callbacks.js:73:17:73:24 | source() | callbacks.js:74:35:74:35 | x |
| capture-flow.js:9:11:9:18 | source() | capture-flow.js:14:10:14:16 | outer() |
| capture-flow.js:9:11:9:18 | source() | capture-flow.js:19:6:19:16 | outerMost() |
| capture-flow.js:31:14:31:21 | source() | capture-flow.js:31:6:31:22 | confuse(source()) |

2
javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.expected
View File

@@ -7,7 +7,6 @@ legacyDataFlowDifference
| callbacks.js:37:17:37:24 | source() | callbacks.js:41:10:41:10 | x | only flow with NEW data flow library |
| callbacks.js:44:17:44:24 | source() | callbacks.js:37:37:37:37 | x | only flow with NEW data flow library |
| callbacks.js:44:17:44:24 | source() | callbacks.js:38:35:38:35 | x | only flow with NEW data flow library |
| callbacks.js:73:17:73:24 | source() | callbacks.js:74:35:74:35 | x | only flow with NEW data flow library |
| capture-flow.js:89:13:89:20 | source() | capture-flow.js:89:6:89:21 | test3c(source()) | only flow with NEW data flow library |
| capture-flow.js:101:12:101:19 | source() | capture-flow.js:102:6:102:20 | test5("safe")() | only flow with OLD data flow library |
| capture-flow.js:274:33:274:40 | source() | capture-flow.js:272:10:272:17 | this.foo | only flow with OLD data flow library |
@@ -69,7 +68,6 @@ flow
| callbacks.js:51:18:51:25 | source() | callbacks.js:30:29:30:29 | y |
| callbacks.js:53:23:53:30 | source() | callbacks.js:58:10:58:10 | x |
| callbacks.js:73:17:73:24 | source() | callbacks.js:73:37:73:37 | x |
| callbacks.js:73:17:73:24 | source() | callbacks.js:74:35:74:35 | x |
| capture-flow.js:9:11:9:18 | source() | capture-flow.js:14:10:14:16 | outer() |
| capture-flow.js:9:11:9:18 | source() | capture-flow.js:19:6:19:16 | outerMost() |
| capture-flow.js:31:14:31:21 | source() | capture-flow.js:31:6:31:22 | confuse(source()) |

2
javascript/ql/test/library-tests/TaintTracking/callbacks.js
View File

@@ -71,5 +71,5 @@ function forwardTaint4(x, cb) {
function test2() {
forwardTaint4(source(), x => sink(x)); // NOT OK
forwardTaint4("safe", x => sink(x)); // OK [INCONSISTENCY]
forwardTaint4("safe", x => sink(x)); // OK
}