hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

JavaScript: Track flow through property getter functions.

Browse Source
This commit is contained in:
Max Schaefer
2019-06-26 15:48:32 -07:00
parent 1c175cbe71
commit b3e8103dce
6 changed files with 112 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
javascript/ql/test/library-tests/InterProceduralFlow/DataFlow.expected
View File

@@ -29,6 +29,7 @@
| promises.js:12:22:12:31 | "rejected" | promises.js:24:20:24:20 | v |
| promises.js:12:22:12:31 | "rejected" | promises.js:27:16:27:16 | v |
| properties2.js:7:14:7:21 | "source" | properties2.js:8:12:8:24 | foo(source).p |
| properties2.js:7:14:7:21 | "source" | properties2.js:33:13:33:20 | getP(o3) |
| properties.js:2:16:2:24 | "tainted" | properties.js:5:14:5:23 | a.someProp |
| properties.js:2:16:2:24 | "tainted" | properties.js:12:15:12:24 | x.someProp |
| properties.js:2:16:2:24 | "tainted" | properties.js:14:15:14:27 | tmp1.someProp |

1
javascript/ql/test/library-tests/InterProceduralFlow/GermanFlow.expected
View File

@@ -30,6 +30,7 @@
| promises.js:12:22:12:31 | "rejected" | promises.js:24:20:24:20 | v |
| promises.js:12:22:12:31 | "rejected" | promises.js:27:16:27:16 | v |
| properties2.js:7:14:7:21 | "source" | properties2.js:8:12:8:24 | foo(source).p |
| properties2.js:7:14:7:21 | "source" | properties2.js:33:13:33:20 | getP(o3) |
| properties.js:2:16:2:24 | "tainted" | properties.js:5:14:5:23 | a.someProp |
| properties.js:2:16:2:24 | "tainted" | properties.js:12:15:12:24 | x.someProp |
| properties.js:2:16:2:24 | "tainted" | properties.js:14:15:14:27 | tmp1.someProp |

1
javascript/ql/test/library-tests/InterProceduralFlow/TaintTracking.expected
View File

@@ -36,6 +36,7 @@
| promises.js:12:22:12:31 | "rejected" | promises.js:27:16:27:16 | v |
| promises.js:32:24:32:37 | "also tainted" | promises.js:38:32:38:32 | v |
| properties2.js:7:14:7:21 | "source" | properties2.js:8:12:8:24 | foo(source).p |
| properties2.js:7:14:7:21 | "source" | properties2.js:33:13:33:20 | getP(o3) |
| properties.js:2:16:2:24 | "tainted" | properties.js:5:14:5:23 | a.someProp |
| properties.js:2:16:2:24 | "tainted" | properties.js:12:15:12:24 | x.someProp |
| properties.js:2:16:2:24 | "tainted" | properties.js:14:15:14:27 | tmp1.someProp |

21
javascript/ql/test/library-tests/InterProceduralFlow/properties2.js
View File

@@ -21,4 +21,25 @@ var o2 = {};
setP(o2, "not a source");
var sink5 = o2.p;
function getP(base) {
return base.p;
}
function getQ(base) {
return base.q;
}
var o3 = { p: source };
var sink6 = getP(o3);
var sink7 = getQ(o3);
var o4 = {};
setP(o4, source);
var sink8 = getP(o4);
var sink9 = getQ(o4);
var o5 = {};
setP(o5, "not a source");
var sink10 = getP(o5);
// semmle-extractor-options: --source-type module