hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 03:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

QL code and tests for C#/C++/JavaScript.

Browse Source
This commit is contained in:
Pavel Avgustinov
2018-08-02 17:53:23 +01:00
commit b55526aa58
10684 changed files with 581163 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected Normal file
View File

@@ -0,0 +1,2 @@
| tst.js:2:13:2:20 | source() | tst.js:4:10:4:10 | x |
| tst.js:2:13:2:20 | source() | tst.js:5:10:5:22 | "/" + x + "!" |

23
javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.ql Normal file
View File

@@ -0,0 +1,23 @@
import javascript
DataFlow::CallNode getACall(string name) {
result.getCalleeName() = name
}
class BasicConfig extends TaintTracking::Configuration {
BasicConfig() { this = "BasicConfig" }
override
predicate isSource(DataFlow::Node node) {
node = getACall("source")
}
override
predicate isSink(DataFlow::Node node) {
node = getACall("sink").getAnArgument()
}
}
from BasicConfig cfg, DataFlow::Node src, DataFlow::Node sink
where cfg.hasFlow(src, sink)
select src, sink

13
javascript/ql/test/library-tests/TaintTracking/tst.js Normal file
View File

@@ -0,0 +1,13 @@
function test() {
let x = source();
sink(x); // NOT OK
sink("/" + x + "!"); // NOT OK
sink(x == null); // OK
sink(x == undefined); // OK
sink(x == 1); // OK
sink(x === 1); // OK
sink(undefined == x); // OK
sink(x === x); // OK
}