mirror of
https://github.com/github/codeql.git
synced 2026-04-28 02:05:14 +02:00
Added test cases for aws sources
This commit is contained in:
Napalys Klicius
@@ -60,6 +60,54 @@ nodes
|
||||
| aws-db.js:74:35:74:43 | data.Item | semmle.label | data.Item |
|
||||
| aws-db.js:77:35:77:38 | data | semmle.label | data |
|
||||
| aws-db.js:77:35:77:43 | data.Item | semmle.label | data.Item |
|
||||
| aws.js:14:31:14:36 | result | semmle.label | result |
|
||||
| aws.js:14:31:14:44 | result.comment | semmle.label | result.comment |
|
||||
| aws.js:18:31:18:37 | result2 | semmle.label | result2 |
|
||||
| aws.js:18:31:18:45 | result2.comment | semmle.label | result2.comment |
|
||||
| aws.js:22:31:22:37 | result3 | semmle.label | result3 |
|
||||
| aws.js:22:31:22:45 | result3.comment | semmle.label | result3.comment |
|
||||
| aws.js:26:31:26:37 | result4 | semmle.label | result4 |
|
||||
| aws.js:26:31:26:45 | result4.comment | semmle.label | result4.comment |
|
||||
| aws.js:34:31:34:34 | data | semmle.label | data |
|
||||
| aws.js:34:31:34:42 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:37:35:37:38 | data | semmle.label | data |
|
||||
| aws.js:37:35:37:46 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:47:31:47:34 | data | semmle.label | data |
|
||||
| aws.js:47:31:47:42 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:50:35:50:38 | data | semmle.label | data |
|
||||
| aws.js:50:35:50:46 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:59:31:59:34 | data | semmle.label | data |
|
||||
| aws.js:59:31:59:42 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:62:35:62:38 | data | semmle.label | data |
|
||||
| aws.js:62:35:62:46 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:66:31:66:35 | data2 | semmle.label | data2 |
|
||||
| aws.js:66:31:66:43 | data2.comment | semmle.label | data2.comment |
|
||||
| aws.js:69:35:69:38 | data | semmle.label | data |
|
||||
| aws.js:69:35:69:46 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:78:31:78:34 | data | semmle.label | data |
|
||||
| aws.js:78:31:78:42 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:81:35:81:38 | data | semmle.label | data |
|
||||
| aws.js:81:35:81:46 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:85:31:85:35 | data2 | semmle.label | data2 |
|
||||
| aws.js:85:31:85:43 | data2.comment | semmle.label | data2.comment |
|
||||
| aws.js:88:35:88:38 | data | semmle.label | data |
|
||||
| aws.js:88:35:88:46 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:92:31:92:35 | data3 | semmle.label | data3 |
|
||||
| aws.js:92:31:92:43 | data3.comment | semmle.label | data3.comment |
|
||||
| aws.js:95:35:95:38 | data | semmle.label | data |
|
||||
| aws.js:95:35:95:46 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:99:31:99:35 | data4 | semmle.label | data4 |
|
||||
| aws.js:99:31:99:43 | data4.comment | semmle.label | data4.comment |
|
||||
| aws.js:102:35:102:38 | data | semmle.label | data |
|
||||
| aws.js:102:35:102:46 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:106:31:106:35 | data5 | semmle.label | data5 |
|
||||
| aws.js:106:31:106:43 | data5.comment | semmle.label | data5.comment |
|
||||
| aws.js:109:35:109:38 | data | semmle.label | data |
|
||||
| aws.js:109:35:109:46 | data.comment | semmle.label | data.comment |
|
||||
| aws.js:113:31:113:35 | data6 | semmle.label | data6 |
|
||||
| aws.js:113:31:113:43 | data6.comment | semmle.label | data6.comment |
|
||||
| aws.js:116:35:116:38 | data | semmle.label | data |
|
||||
| aws.js:116:35:116:46 | data.comment | semmle.label | data.comment |
|
||||
| classnames.js:7:31:7:84 | `<span ... <span>` | semmle.label | `<span ... <span>` |
|
||||
| classnames.js:7:47:7:69 | classNa ... w.name) | semmle.label | classNa ... w.name) |
|
||||
| classnames.js:7:58:7:68 | window.name | semmle.label | window.name |
|
||||
@@ -766,6 +814,30 @@ edges
|
||||
| aws-db.js:69:35:69:38 | data | aws-db.js:69:35:69:52 | data.updateResults | provenance | |
|
||||
| aws-db.js:74:35:74:38 | data | aws-db.js:74:35:74:43 | data.Item | provenance | |
|
||||
| aws-db.js:77:35:77:38 | data | aws-db.js:77:35:77:43 | data.Item | provenance | |
|
||||
| aws.js:14:31:14:36 | result | aws.js:14:31:14:44 | result.comment | provenance | |
|
||||
| aws.js:18:31:18:37 | result2 | aws.js:18:31:18:45 | result2.comment | provenance | |
|
||||
| aws.js:22:31:22:37 | result3 | aws.js:22:31:22:45 | result3.comment | provenance | |
|
||||
| aws.js:26:31:26:37 | result4 | aws.js:26:31:26:45 | result4.comment | provenance | |
|
||||
| aws.js:34:31:34:34 | data | aws.js:34:31:34:42 | data.comment | provenance | |
|
||||
| aws.js:37:35:37:38 | data | aws.js:37:35:37:46 | data.comment | provenance | |
|
||||
| aws.js:47:31:47:34 | data | aws.js:47:31:47:42 | data.comment | provenance | |
|
||||
| aws.js:50:35:50:38 | data | aws.js:50:35:50:46 | data.comment | provenance | |
|
||||
| aws.js:59:31:59:34 | data | aws.js:59:31:59:42 | data.comment | provenance | |
|
||||
| aws.js:62:35:62:38 | data | aws.js:62:35:62:46 | data.comment | provenance | |
|
||||
| aws.js:66:31:66:35 | data2 | aws.js:66:31:66:43 | data2.comment | provenance | |
|
||||
| aws.js:69:35:69:38 | data | aws.js:69:35:69:46 | data.comment | provenance | |
|
||||
| aws.js:78:31:78:34 | data | aws.js:78:31:78:42 | data.comment | provenance | |
|
||||
| aws.js:81:35:81:38 | data | aws.js:81:35:81:46 | data.comment | provenance | |
|
||||
| aws.js:85:31:85:35 | data2 | aws.js:85:31:85:43 | data2.comment | provenance | |
|
||||
| aws.js:88:35:88:38 | data | aws.js:88:35:88:46 | data.comment | provenance | |
|
||||
| aws.js:92:31:92:35 | data3 | aws.js:92:31:92:43 | data3.comment | provenance | |
|
||||
| aws.js:95:35:95:38 | data | aws.js:95:35:95:46 | data.comment | provenance | |
|
||||
| aws.js:99:31:99:35 | data4 | aws.js:99:31:99:43 | data4.comment | provenance | |
|
||||
| aws.js:102:35:102:38 | data | aws.js:102:35:102:46 | data.comment | provenance | |
|
||||
| aws.js:106:31:106:35 | data5 | aws.js:106:31:106:43 | data5.comment | provenance | |
|
||||
| aws.js:109:35:109:38 | data | aws.js:109:35:109:46 | data.comment | provenance | |
|
||||
| aws.js:113:31:113:35 | data6 | aws.js:113:31:113:43 | data6.comment | provenance | |
|
||||
| aws.js:116:35:116:38 | data | aws.js:116:35:116:46 | data.comment | provenance | |
|
||||
| classnames.js:7:47:7:69 | classNa ... w.name) | classnames.js:7:31:7:84 | `<span ... <span>` | provenance | |
|
||||
| classnames.js:7:58:7:68 | window.name | classnames.js:7:47:7:69 | classNa ... w.name) | provenance | |
|
||||
| classnames.js:8:47:8:70 | classNa ... w.name) | classnames.js:8:31:8:85 | `<span ... <span>` | provenance | |
|
||||
@@ -1375,6 +1447,30 @@ subpaths
|
||||
| aws-db.js:69:35:69:52 | data.updateResults | aws-db.js:69:35:69:38 | data | aws-db.js:69:35:69:52 | data.updateResults | Cross-site scripting vulnerability due to $@. | aws-db.js:69:35:69:38 | data | user-provided value |
|
||||
| aws-db.js:74:35:74:43 | data.Item | aws-db.js:74:35:74:38 | data | aws-db.js:74:35:74:43 | data.Item | Cross-site scripting vulnerability due to $@. | aws-db.js:74:35:74:38 | data | user-provided value |
|
||||
| aws-db.js:77:35:77:43 | data.Item | aws-db.js:77:35:77:38 | data | aws-db.js:77:35:77:43 | data.Item | Cross-site scripting vulnerability due to $@. | aws-db.js:77:35:77:38 | data | user-provided value |
|
||||
| aws.js:14:31:14:44 | result.comment | aws.js:14:31:14:36 | result | aws.js:14:31:14:44 | result.comment | Cross-site scripting vulnerability due to $@. | aws.js:14:31:14:36 | result | user-provided value |
|
||||
| aws.js:18:31:18:45 | result2.comment | aws.js:18:31:18:37 | result2 | aws.js:18:31:18:45 | result2.comment | Cross-site scripting vulnerability due to $@. | aws.js:18:31:18:37 | result2 | user-provided value |
|
||||
| aws.js:22:31:22:45 | result3.comment | aws.js:22:31:22:37 | result3 | aws.js:22:31:22:45 | result3.comment | Cross-site scripting vulnerability due to $@. | aws.js:22:31:22:37 | result3 | user-provided value |
|
||||
| aws.js:26:31:26:45 | result4.comment | aws.js:26:31:26:37 | result4 | aws.js:26:31:26:45 | result4.comment | Cross-site scripting vulnerability due to $@. | aws.js:26:31:26:37 | result4 | user-provided value |
|
||||
| aws.js:34:31:34:42 | data.comment | aws.js:34:31:34:34 | data | aws.js:34:31:34:42 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:34:31:34:34 | data | user-provided value |
|
||||
| aws.js:37:35:37:46 | data.comment | aws.js:37:35:37:38 | data | aws.js:37:35:37:46 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:37:35:37:38 | data | user-provided value |
|
||||
| aws.js:47:31:47:42 | data.comment | aws.js:47:31:47:34 | data | aws.js:47:31:47:42 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:47:31:47:34 | data | user-provided value |
|
||||
| aws.js:50:35:50:46 | data.comment | aws.js:50:35:50:38 | data | aws.js:50:35:50:46 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:50:35:50:38 | data | user-provided value |
|
||||
| aws.js:59:31:59:42 | data.comment | aws.js:59:31:59:34 | data | aws.js:59:31:59:42 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:59:31:59:34 | data | user-provided value |
|
||||
| aws.js:62:35:62:46 | data.comment | aws.js:62:35:62:38 | data | aws.js:62:35:62:46 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:62:35:62:38 | data | user-provided value |
|
||||
| aws.js:66:31:66:43 | data2.comment | aws.js:66:31:66:35 | data2 | aws.js:66:31:66:43 | data2.comment | Cross-site scripting vulnerability due to $@. | aws.js:66:31:66:35 | data2 | user-provided value |
|
||||
| aws.js:69:35:69:46 | data.comment | aws.js:69:35:69:38 | data | aws.js:69:35:69:46 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:69:35:69:38 | data | user-provided value |
|
||||
| aws.js:78:31:78:42 | data.comment | aws.js:78:31:78:34 | data | aws.js:78:31:78:42 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:78:31:78:34 | data | user-provided value |
|
||||
| aws.js:81:35:81:46 | data.comment | aws.js:81:35:81:38 | data | aws.js:81:35:81:46 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:81:35:81:38 | data | user-provided value |
|
||||
| aws.js:85:31:85:43 | data2.comment | aws.js:85:31:85:35 | data2 | aws.js:85:31:85:43 | data2.comment | Cross-site scripting vulnerability due to $@. | aws.js:85:31:85:35 | data2 | user-provided value |
|
||||
| aws.js:88:35:88:46 | data.comment | aws.js:88:35:88:38 | data | aws.js:88:35:88:46 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:88:35:88:38 | data | user-provided value |
|
||||
| aws.js:92:31:92:43 | data3.comment | aws.js:92:31:92:35 | data3 | aws.js:92:31:92:43 | data3.comment | Cross-site scripting vulnerability due to $@. | aws.js:92:31:92:35 | data3 | user-provided value |
|
||||
| aws.js:95:35:95:46 | data.comment | aws.js:95:35:95:38 | data | aws.js:95:35:95:46 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:95:35:95:38 | data | user-provided value |
|
||||
| aws.js:99:31:99:43 | data4.comment | aws.js:99:31:99:35 | data4 | aws.js:99:31:99:43 | data4.comment | Cross-site scripting vulnerability due to $@. | aws.js:99:31:99:35 | data4 | user-provided value |
|
||||
| aws.js:102:35:102:46 | data.comment | aws.js:102:35:102:38 | data | aws.js:102:35:102:46 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:102:35:102:38 | data | user-provided value |
|
||||
| aws.js:106:31:106:43 | data5.comment | aws.js:106:31:106:35 | data5 | aws.js:106:31:106:43 | data5.comment | Cross-site scripting vulnerability due to $@. | aws.js:106:31:106:35 | data5 | user-provided value |
|
||||
| aws.js:109:35:109:46 | data.comment | aws.js:109:35:109:38 | data | aws.js:109:35:109:46 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:109:35:109:38 | data | user-provided value |
|
||||
| aws.js:113:31:113:43 | data6.comment | aws.js:113:31:113:35 | data6 | aws.js:113:31:113:43 | data6.comment | Cross-site scripting vulnerability due to $@. | aws.js:113:31:113:35 | data6 | user-provided value |
|
||||
| aws.js:116:35:116:46 | data.comment | aws.js:116:35:116:38 | data | aws.js:116:35:116:46 | data.comment | Cross-site scripting vulnerability due to $@. | aws.js:116:35:116:38 | data | user-provided value |
|
||||
| hana.js:11:37:11:51 | rows[0].comment | hana.js:11:37:11:40 | rows | hana.js:11:37:11:51 | rows[0].comment | Cross-site scripting vulnerability due to $@. | hana.js:11:37:11:40 | rows | user-provided value |
|
||||
| hana.js:16:37:16:51 | rows[0].comment | hana.js:16:37:16:40 | rows | hana.js:16:37:16:51 | rows[0].comment | Cross-site scripting vulnerability due to $@. | hana.js:16:37:16:40 | rows | user-provided value |
|
||||
| hana.js:19:37:19:51 | rows[0].comment | hana.js:19:37:19:40 | rows | hana.js:19:37:19:51 | rows[0].comment | Cross-site scripting vulnerability due to $@. | hana.js:19:37:19:40 | rows | user-provided value |
|
||||
|
||||
@@ -0,0 +1,118 @@
|
||||
const AWS = require('aws-sdk');
|
||||
const { AthenaClient } = require('@aws-sdk/client-athena');
|
||||
const { S3Client } = require('@aws-sdk/client-s3');
|
||||
const { RDSDataClient } = require('@aws-sdk/client-rds-data');
|
||||
const { DynamoDBClient } = require('@aws-sdk/client-dynamodb');
|
||||
const express = require('express');
|
||||
|
||||
const app = express();
|
||||
|
||||
// AWS V3 Common tests
|
||||
app.post('/aws-v3-common', async (req, res) => {
|
||||
const athenaClient = new AthenaClient({});
|
||||
const result = await athenaClient.send({});
|
||||
document.body.innerHTML = result.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
const s3Client = new S3Client({});
|
||||
const result2 = await s3Client.send({});
|
||||
document.body.innerHTML = result2.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
const rdsDataClient = new RDSDataClient({});
|
||||
const result3 = await rdsDataClient.send({});
|
||||
document.body.innerHTML = result3.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
const dynamoClient = new DynamoDBClient({});
|
||||
const result4 = await dynamoClient.send({});
|
||||
document.body.innerHTML = result4.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
});
|
||||
|
||||
// Athena Client V2 tests
|
||||
app.post('/athena-v2', async (req, res) => {
|
||||
const athena = new AWS.Athena();
|
||||
|
||||
const data = await athena.getQueryResults({}).promise();
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
athena.getQueryResults({}, function(err, data) {
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
});
|
||||
});
|
||||
|
||||
// S3 Client V2 tests
|
||||
app.post('/s3-v2', async (req, res) => {
|
||||
const s3 = new AWS.S3();
|
||||
|
||||
|
||||
const data = await s3.getObject({}).promise();
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
s3.getObject({}, function(err, data) {
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
});
|
||||
});
|
||||
|
||||
// RDS Data Client V2 tests
|
||||
app.post('/rds-data-v2', async (req, res) => {
|
||||
const rdsData = new AWS.RDSDataService();
|
||||
|
||||
const data = await rdsData.executeStatement({}).promise();
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
rdsData.executeStatement({}, function(err, data) {
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
});
|
||||
|
||||
const data2 = await rdsData.batchExecuteStatement({}).promise();
|
||||
document.body.innerHTML = data2.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
rdsData.batchExecuteStatement({}, function(err, data) {
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
});
|
||||
});
|
||||
|
||||
// DynamoDB Client V2 tests
|
||||
app.post('/dynamodb-v2', async (req, res) => {
|
||||
const dynamodb = new AWS.DynamoDB();
|
||||
|
||||
const data = await dynamodb.executeStatement({}).promise();
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
dynamodb.executeStatement({}, function(err, data) {
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
});
|
||||
|
||||
const data2 = await dynamodb.batchExecuteStatement({}).promise();
|
||||
document.body.innerHTML = data2.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
dynamodb.batchExecuteStatement({}, function(err, data) {
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
});
|
||||
|
||||
const data3 = await dynamodb.query({}).promise();
|
||||
document.body.innerHTML = data3.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
dynamodb.query({}, function(err, data) {
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
});
|
||||
|
||||
const data4 = await dynamodb.scan({}).promise();
|
||||
document.body.innerHTML = data4.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
dynamodb.scan({}, function(err, data) {
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
});
|
||||
|
||||
const data5 = await dynamodb.getItem({}).promise();
|
||||
document.body.innerHTML = data5.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
dynamodb.getItem({}, function(err, data) {
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
});
|
||||
|
||||
const data6 = await dynamodb.batchGetItem({}).promise();
|
||||
document.body.innerHTML = data6.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
|
||||
dynamodb.batchGetItem({}, function(err, data) {
|
||||
document.body.innerHTML = data.comment; // $ Alert[js/xss-additional-sources-dom-test]
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user