diff --git a/.bazelrc b/.bazelrc new file mode 100644 index 00000000000..cd6226d0171 --- /dev/null +++ b/.bazelrc @@ -0,0 +1,3 @@ +build --copt="-std=c++17" + +try-import %workspace%/local.bazelrc diff --git a/.bazelversion b/.bazelversion new file mode 100644 index 00000000000..0062ac97180 --- /dev/null +++ b/.bazelversion @@ -0,0 +1 @@ +5.0.0 diff --git a/.github/actions/fetch-codeql/action.yml b/.github/actions/fetch-codeql/action.yml index 41ffeea81fd..13b91525237 100644 --- a/.github/actions/fetch-codeql/action.yml +++ b/.github/actions/fetch-codeql/action.yml @@ -3,12 +3,22 @@ description: Fetches the latest version of CodeQL runs: using: composite steps: + - name: Select platform - Linux + if: runner.os == 'Linux' + shell: bash + run: echo "GA_CODEQL_CLI_PLATFORM=linux64" >> $GITHUB_ENV + + - name: Select platform - MacOS + if: runner.os == 'MacOS' + shell: bash + run: echo "GA_CODEQL_CLI_PLATFORM=osx64" >> $GITHUB_ENV + - name: Fetch CodeQL shell: bash run: | LATEST=$(gh release list --repo https://github.com/github/codeql-cli-binaries | cut -f 1 | grep -v beta | sort --version-sort | tail -1) - gh release download --repo https://github.com/github/codeql-cli-binaries --pattern codeql-linux64.zip "$LATEST" - unzip -q -d "${RUNNER_TEMP}" codeql-linux64.zip + gh release download --repo https://github.com/github/codeql-cli-binaries --pattern codeql-$GA_CODEQL_CLI_PLATFORM.zip "$LATEST" + unzip -q -d "${RUNNER_TEMP}" codeql-$GA_CODEQL_CLI_PLATFORM.zip echo "${RUNNER_TEMP}/codeql" >> "${GITHUB_PATH}" env: GITHUB_TOKEN: ${{ github.token }} diff --git a/.github/workflows/swift-qltest.yml b/.github/workflows/swift-qltest.yml new file mode 100644 index 00000000000..6d284307d88 --- /dev/null +++ b/.github/workflows/swift-qltest.yml @@ -0,0 +1,51 @@ +name: "Swift: Run QL Tests" + +on: + pull_request: + paths: + - "swift/**" + - .github/workflows/swift-qltest.yml + branches: + - main +defaults: + run: + working-directory: swift + +jobs: + qlformat: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: ./.github/actions/fetch-codeql + - name: Check QL formatting + run: find ql "(" -name "*.ql" -or -name "*.qll" ")" -print0 | xargs -0 codeql query format --check-only + qltest: + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + os : [ubuntu-20.04, macos-latest] + steps: + - uses: actions/checkout@v2 + - uses: ./.github/actions/fetch-codeql + - name: Install bazelisk - Linux + if: runner.os == 'Linux' + run: | + sudo apt-get update + sudo apt-get install -y wget + wget https://github.com/bazelbuild/bazelisk/releases/download/v1.11.0/bazelisk-linux-amd64 + mv bazelisk-linux-amd64 /usr/local/bin/bazel + chmod +x /usr/local/bin/bazel + - name: Install bazelisk - macOS + if: runner.os == 'MacOS' + run: | + brew install bazelisk + - name: Build Swift extractor + run: | + bazel run //swift:create-extractor-pack + - name: Run QL tests + run: | + codeql test run --threads=0 --ram 5000 --search-path "${{ github.workspace }}/swift/extractor-pack" --check-databases --check-unused-labels --check-repeated-labels --check-redefined-labels --check-use-before-definition ql/test + env: + GITHUB_TOKEN: ${{ github.token }} + diff --git a/.gitignore b/.gitignore index b87ee01c387..33ef1770c95 100644 --- a/.gitignore +++ b/.gitignore @@ -31,5 +31,8 @@ csharp/extractor/Semmle.Extraction.CSharp.Driver/Properties/launchSettings.json # Compiled class file *.class -# links create by bazel +# links created by bazel /bazel-* + +# CLion project files +/.clwb diff --git a/BUILD.bazel b/BUILD.bazel new file mode 100644 index 00000000000..e69de29bb2d diff --git a/CODEOWNERS b/CODEOWNERS index a60e08f9062..37389ad499a 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -5,14 +5,6 @@ /python/ @github/codeql-python /ruby/ @github/codeql-ruby -# Make @xcorail (GitHub Security Lab) a code owner for experimental queries so he gets pinged when we promote a query out of experimental -/cpp/**/experimental/**/* @github/codeql-c-analysis @xcorail -/csharp/**/experimental/**/* @github/codeql-csharp @xcorail -/java/**/experimental/**/* @github/codeql-java @xcorail -/javascript/**/experimental/**/* @github/codeql-javascript @xcorail -/python/**/experimental/**/* @github/codeql-python @xcorail -/ruby/**/experimental/**/* @github/codeql-ruby @xcorail - # ML-powered queries /javascript/ql/experimental/adaptivethreatmodeling/ @github/codeql-ml-powered-queries-reviewers diff --git a/WORKSPACE.bazel b/WORKSPACE.bazel index c9357d0f448..42b7f54c24c 100644 --- a/WORKSPACE.bazel +++ b/WORKSPACE.bazel @@ -1,2 +1,12 @@ # Please notice that any bazel targets and definitions in this repository are currently experimental # and for internal use only. + +workspace(name = "codeql") + +load("//misc/bazel:workspace.bzl", "codeql_workspace") + +codeql_workspace() + +load("//misc/bazel:workspace_deps.bzl", "codeql_workspace_deps") + +codeql_workspace_deps() diff --git a/config/identical-files.json b/config/identical-files.json index a7ff2f1babf..bec4bbedc17 100644 --- a/config/identical-files.json +++ b/config/identical-files.json @@ -383,7 +383,8 @@ "csharp/ql/test/TestUtilities/InlineExpectationsTest.qll", "java/ql/test/TestUtilities/InlineExpectationsTest.qll", "python/ql/test/TestUtilities/InlineExpectationsTest.qll", - "ruby/ql/test/TestUtilities/InlineExpectationsTest.qll" + "ruby/ql/test/TestUtilities/InlineExpectationsTest.qll", + "ql/ql/test/TestUtilities/InlineExpectationsTest.qll" ], "C++ ExternalAPIs": [ "cpp/ql/src/Security/CWE/CWE-020/ExternalAPIs.qll", diff --git a/cpp/ql/lib/CHANGELOG.md b/cpp/ql/lib/CHANGELOG.md index d4603cef8b4..5a0f68c2b00 100644 --- a/cpp/ql/lib/CHANGELOG.md +++ b/cpp/ql/lib/CHANGELOG.md @@ -1,3 +1,26 @@ +## 0.0.13 + +## 0.0.12 + +### Breaking Changes + +* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. + +### Deprecated APIs + +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### New Features + +* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. + +### Minor Analysis Improvements + +* `DefaultOptions::exits` now holds for C11 functions with the `_Noreturn` or `noreturn` specifier. +* `hasImplicitCopyConstructor` and `hasImplicitCopyAssignmentOperator` now correctly handle implicitly-deleted operators in templates. +* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. + ## 0.0.11 ### Minor Analysis Improvements diff --git a/cpp/ql/lib/change-notes/2022-02-07-deleted-deprecations.md b/cpp/ql/lib/change-notes/2022-02-07-deleted-deprecations.md deleted file mode 100644 index e8da1e8e158..00000000000 --- a/cpp/ql/lib/change-notes/2022-02-07-deleted-deprecations.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md b/cpp/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md deleted file mode 100644 index a79f286aacd..00000000000 --- a/cpp/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: deprecated ---- -* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. - The old name still exists as a deprecated alias. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2022-03-10-template-implicit-copy.md b/cpp/ql/lib/change-notes/2022-03-10-template-implicit-copy.md deleted file mode 100644 index fe2afba6568..00000000000 --- a/cpp/ql/lib/change-notes/2022-03-10-template-implicit-copy.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* `hasImplicitCopyConstructor` and `hasImplicitCopyAssignmentOperator` now correctly handle implicitly-deleted operators in templates. \ No newline at end of file diff --git a/cpp/ql/lib/change-notes/2022-03-14-c11-noreturn.md b/cpp/ql/lib/change-notes/2022-03-14-c11-noreturn.md deleted file mode 100644 index c74e1ab9820..00000000000 --- a/cpp/ql/lib/change-notes/2022-03-14-c11-noreturn.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* `DefaultOptions::exits` now holds for C11 functions with the `_Noreturn` or `noreturn` specifier. diff --git a/cpp/ql/lib/change-notes/2022-03-14-flow-state-barriers.md b/cpp/ql/lib/change-notes/2022-03-14-flow-state-barriers.md deleted file mode 100644 index af6247a66fa..00000000000 --- a/cpp/ql/lib/change-notes/2022-03-14-flow-state-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. diff --git a/cpp/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md b/cpp/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md deleted file mode 100644 index 3481d507db3..00000000000 --- a/cpp/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: breaking ---- -* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. diff --git a/cpp/ql/lib/change-notes/released/0.0.12.md b/cpp/ql/lib/change-notes/released/0.0.12.md new file mode 100644 index 00000000000..099524281ee --- /dev/null +++ b/cpp/ql/lib/change-notes/released/0.0.12.md @@ -0,0 +1,20 @@ +## 0.0.12 + +### Breaking Changes + +* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. + +### Deprecated APIs + +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### New Features + +* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. + +### Minor Analysis Improvements + +* `DefaultOptions::exits` now holds for C11 functions with the `_Noreturn` or `noreturn` specifier. +* `hasImplicitCopyConstructor` and `hasImplicitCopyAssignmentOperator` now correctly handle implicitly-deleted operators in templates. +* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. diff --git a/cpp/ql/lib/change-notes/released/0.0.13.md b/cpp/ql/lib/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..30ff8ab8dd0 --- /dev/null +++ b/cpp/ql/lib/change-notes/released/0.0.13.md @@ -0,0 +1 @@ +## 0.0.13 diff --git a/cpp/ql/lib/codeql-pack.release.yml b/cpp/ql/lib/codeql-pack.release.yml index e679dc42092..044e54e4f7e 100644 --- a/cpp/ql/lib/codeql-pack.release.yml +++ b/cpp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.11 +lastReleaseVersion: 0.0.13 diff --git a/cpp/ql/lib/qlpack.yml b/cpp/ql/lib/qlpack.yml index f76e7c23f6f..8c647b8fee1 100644 --- a/cpp/ql/lib/qlpack.yml +++ b/cpp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-all -version: 0.0.12-dev +version: 0.1.0-dev groups: cpp dbscheme: semmlecode.cpp.dbscheme extractor: cpp diff --git a/cpp/ql/lib/semmle/code/cpp/AutogeneratedFile.qll b/cpp/ql/lib/semmle/code/cpp/AutogeneratedFile.qll index 829249e7ded..fe5cb80a14b 100644 --- a/cpp/ql/lib/semmle/code/cpp/AutogeneratedFile.qll +++ b/cpp/ql/lib/semmle/code/cpp/AutogeneratedFile.qll @@ -84,6 +84,7 @@ private int fileHeaderLimit(File f) { fc = fileFirstComment(f) and result = min(int line | + // code ending the initial comments exists(DeclarationEntry de, Location l | l = de.getLocation() and l.getFile() = f and @@ -105,7 +106,13 @@ private int fileHeaderLimit(File f) { line > fc ) or + // end of the file line = f.getMetrics().getNumberOfLines() + or + // rarely, we've seen extremely long sequences of initial comments + // (and/or limitations in the above constraints) cause an overflow of + // the maximum string length. So don't look past 1000 lines regardless. + line = 1000 ) ) } diff --git a/cpp/ql/lib/semmle/code/cpp/controlflow/StackVariableReachability.qll b/cpp/ql/lib/semmle/code/cpp/controlflow/StackVariableReachability.qll index 7b5fcd504b1..373ab8b79e2 100644 --- a/cpp/ql/lib/semmle/code/cpp/controlflow/StackVariableReachability.qll +++ b/cpp/ql/lib/semmle/code/cpp/controlflow/StackVariableReachability.qll @@ -80,7 +80,11 @@ abstract class StackVariableReachability extends string { j > i and sink = bb.getNode(j) and this.isSink(sink, v) and - not exists(int k | this.isBarrier(bb.getNode(k), v) | k in [i + 1 .. j - 1]) + not exists(int k, ControlFlowNode node | + node = bb.getNode(k) and this.isBarrier(pragma[only_bind_into](node), v) + | + k in [i + 1 .. j - 1] + ) ) or not exists(int k | this.isBarrier(bb.getNode(k), v) | k > i) and diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll index 9800e02ccf1..bb98acf0494 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll index 9800e02ccf1..bb98acf0494 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll index 9800e02ccf1..bb98acf0494 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll index 9800e02ccf1..bb98acf0494 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll index 9800e02ccf1..bb98acf0494 100644 --- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll +++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll index 9800e02ccf1..bb98acf0494 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll index 9800e02ccf1..bb98acf0494 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll index 9800e02ccf1..bb98acf0494 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll index 9800e02ccf1..bb98acf0494 100644 --- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll +++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/cpp/ql/lib/semmle/code/cpp/security/Overflow.qll b/cpp/ql/lib/semmle/code/cpp/security/Overflow.qll index a18b30146ec..32428cd30a7 100644 --- a/cpp/ql/lib/semmle/code/cpp/security/Overflow.qll +++ b/cpp/ql/lib/semmle/code/cpp/security/Overflow.qll @@ -25,6 +25,7 @@ predicate guardedAbs(Operation e, Expr use) { * Holds if the value of `use` is guarded to be less than something, and `e` * is in code controlled by that guard (where the guard condition held). */ +pragma[nomagic] predicate guardedLesser(Operation e, Expr use) { exists(GuardCondition c | c.ensuresLt(use, _, _, e.getBasicBlock(), true)) or @@ -35,6 +36,7 @@ predicate guardedLesser(Operation e, Expr use) { * Holds if the value of `use` is guarded to be greater than something, and `e` * is in code controlled by that guard (where the guard condition held). */ +pragma[nomagic] predicate guardedGreater(Operation e, Expr use) { exists(GuardCondition c | c.ensuresLt(use, _, _, e.getBasicBlock(), false)) or diff --git a/cpp/ql/src/CHANGELOG.md b/cpp/ql/src/CHANGELOG.md index 2125fbac519..b2124d444b1 100644 --- a/cpp/ql/src/CHANGELOG.md +++ b/cpp/ql/src/CHANGELOG.md @@ -1,3 +1,12 @@ +## 0.0.13 + +## 0.0.12 + +### Minor Analysis Improvements + +* The `cpp/overflow-destination`, `cpp/unclear-array-index-validation`, and `cpp/uncontrolled-allocation-size` queries have been modernized and converted to `path-problem` queries and provide more true positive results. +* The `cpp/system-data-exposure` query has been increased from `medium` to `high` precision, following a number of improvements to the query logic. + ## 0.0.11 ### Breaking Changes diff --git a/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql b/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql index e1fbce93b72..73fcf034096 100644 --- a/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql +++ b/cpp/ql/src/Security/CWE/CWE-078/ExecTainted.ql @@ -116,8 +116,8 @@ class ExecTaintConfiguration extends TaintTracking::Configuration { state instanceof ConcatState } - override predicate isSanitizerOut(DataFlow::Node node, DataFlow::FlowState state) { - isSink(node, state) // Prevent duplicates along a call chain, since `shellCommand` will include wrappers + override predicate isSanitizerOut(DataFlow::Node node) { + isSink(node, _) // Prevent duplicates along a call chain, since `shellCommand` will include wrappers } } diff --git a/cpp/ql/src/change-notes/2022-03-07-system-data-exposure.md b/cpp/ql/src/change-notes/2022-03-07-system-data-exposure.md deleted file mode 100644 index 372a3a8391b..00000000000 --- a/cpp/ql/src/change-notes/2022-03-07-system-data-exposure.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* The `cpp/system-data-exposure` query has been increased from `medium` to `high` precision, following a number of improvements to the query logic. diff --git a/cpp/ql/src/change-notes/2022-03-10-port-three-queries-to-taint-tracking.md b/cpp/ql/src/change-notes/released/0.0.12.md similarity index 53% rename from cpp/ql/src/change-notes/2022-03-10-port-three-queries-to-taint-tracking.md rename to cpp/ql/src/change-notes/released/0.0.12.md index 249249152f7..1d690444435 100644 --- a/cpp/ql/src/change-notes/2022-03-10-port-three-queries-to-taint-tracking.md +++ b/cpp/ql/src/change-notes/released/0.0.12.md @@ -1,4 +1,6 @@ ---- -category: minorAnalysis ---- +## 0.0.12 + +### Minor Analysis Improvements + * The `cpp/overflow-destination`, `cpp/unclear-array-index-validation`, and `cpp/uncontrolled-allocation-size` queries have been modernized and converted to `path-problem` queries and provide more true positive results. +* The `cpp/system-data-exposure` query has been increased from `medium` to `high` precision, following a number of improvements to the query logic. diff --git a/cpp/ql/src/change-notes/released/0.0.13.md b/cpp/ql/src/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..30ff8ab8dd0 --- /dev/null +++ b/cpp/ql/src/change-notes/released/0.0.13.md @@ -0,0 +1 @@ +## 0.0.13 diff --git a/cpp/ql/src/codeql-pack.release.yml b/cpp/ql/src/codeql-pack.release.yml index e679dc42092..044e54e4f7e 100644 --- a/cpp/ql/src/codeql-pack.release.yml +++ b/cpp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.11 +lastReleaseVersion: 0.0.13 diff --git a/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql b/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql index ed43419e329..a6fac4a40d9 100644 --- a/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql +++ b/cpp/ql/src/experimental/Security/CWE/CWE-020/NoCheckBeforeUnsafePutUser.ql @@ -21,7 +21,7 @@ class WriteAccessCheckMacro extends Macro { VariableAccess va; WriteAccessCheckMacro() { - this.getName() = ["user_write_access_begin", "user_access_begin"] and + this.getName() = ["user_write_access_begin", "user_access_begin", "access_ok"] and va.getEnclosingElement() = this.getAnInvocation().getAnExpandedElement() } @@ -37,7 +37,8 @@ class UnSafePutUserMacro extends Macro { } Expr getUserModePtr() { - result = writeUserPtr.getOperand().(AddressOfExpr).getOperand().(FieldAccess).getQualifier() + result = writeUserPtr.getOperand().(AddressOfExpr).getOperand().(FieldAccess).getQualifier() or + result = writeUserPtr.getOperand() } } @@ -46,11 +47,13 @@ class ExploitableUserModePtrParam extends Parameter { not exists(WriteAccessCheckMacro writeAccessCheck | DataFlow::localFlow(DataFlow::parameterNode(this), DataFlow::exprNode(writeAccessCheck.getArgument())) + ) and + exists(UnSafePutUserMacro unsafePutUser | + DataFlow::localFlow(DataFlow::parameterNode(this), + DataFlow::exprNode(unsafePutUser.getUserModePtr())) ) } } -from ExploitableUserModePtrParam p, UnSafePutUserMacro unsafePutUser -where - DataFlow::localFlow(DataFlow::parameterNode(p), DataFlow::exprNode(unsafePutUser.getUserModePtr())) +from ExploitableUserModePtrParam p select p, "unsafe_put_user write user-mode pointer $@ without check.", p, p.toString() diff --git a/cpp/ql/src/qlpack.yml b/cpp/ql/src/qlpack.yml index a9d08527b8c..b5beb704cf2 100644 --- a/cpp/ql/src/qlpack.yml +++ b/cpp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/cpp-queries -version: 0.0.12-dev +version: 0.1.0-dev groups: - cpp - queries diff --git a/cpp/ql/test/library-tests/ir/ir/PrintAST.expected b/cpp/ql/test/library-tests/ir/ir/PrintAST.expected index 99d1d6b4ee6..af029bf3748 100644 --- a/cpp/ql/test/library-tests/ir/ir/PrintAST.expected +++ b/cpp/ql/test/library-tests/ir/ir/PrintAST.expected @@ -13365,6 +13365,200 @@ ir.cpp: # 1717| : # 1717| getEntryPoint(): [BlockStmt] { ... } # 1717| getStmt(0): [ReturnStmt] return ... +# 1721| [CopyAssignmentOperator] CopyConstructorWithImplicitArgumentClass& CopyConstructorWithImplicitArgumentClass::operator=(CopyConstructorWithImplicitArgumentClass const&) +# 1721| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [LValueReferenceType] const CopyConstructorWithImplicitArgumentClass & +# 1724| [Constructor] void CopyConstructorWithImplicitArgumentClass::CopyConstructorWithImplicitArgumentClass() +# 1724| : +# 1724| : +# 1724| getEntryPoint(): [BlockStmt] { ... } +# 1724| getStmt(0): [ReturnStmt] return ... +# 1725| [CopyConstructor] void CopyConstructorWithImplicitArgumentClass::CopyConstructorWithImplicitArgumentClass(CopyConstructorWithImplicitArgumentClass const&) +# 1725| : +# 1725| getParameter(0): [Parameter] c +# 1725| Type = [LValueReferenceType] const CopyConstructorWithImplicitArgumentClass & +# 1725| : +# 1725| getEntryPoint(): [BlockStmt] { ... } +# 1726| getStmt(0): [ExprStmt] ExprStmt +# 1726| getExpr(): [AssignExpr] ... = ... +# 1726| Type = [IntType] int +# 1726| ValueCategory = lvalue +# 1726| getLValue(): [PointerFieldAccess] x +# 1726| Type = [IntType] int +# 1726| ValueCategory = lvalue +# 1726| getQualifier(): [ThisExpr] this +# 1726| Type = [PointerType] CopyConstructorWithImplicitArgumentClass * +# 1726| ValueCategory = prvalue(load) +# 1726| getRValue(): [ReferenceFieldAccess] x +# 1726| Type = [IntType] int +# 1726| ValueCategory = prvalue(load) +# 1726| getQualifier(): [VariableAccess] c +# 1726| Type = [LValueReferenceType] const CopyConstructorWithImplicitArgumentClass & +# 1726| ValueCategory = prvalue(load) +# 1726| getQualifier().getFullyConverted(): [ReferenceDereferenceExpr] (reference dereference) +# 1726| Type = [SpecifiedType] const CopyConstructorWithImplicitArgumentClass +# 1726| ValueCategory = lvalue +# 1727| getStmt(1): [ReturnStmt] return ... +# 1730| [CopyAssignmentOperator] CopyConstructorWithBitwiseCopyClass& CopyConstructorWithBitwiseCopyClass::operator=(CopyConstructorWithBitwiseCopyClass const&) +# 1730| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [LValueReferenceType] const CopyConstructorWithBitwiseCopyClass & +# 1730| [MoveAssignmentOperator] CopyConstructorWithBitwiseCopyClass& CopyConstructorWithBitwiseCopyClass::operator=(CopyConstructorWithBitwiseCopyClass&&) +# 1730| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [RValueReferenceType] CopyConstructorWithBitwiseCopyClass && +# 1730| [CopyConstructor] void CopyConstructorWithBitwiseCopyClass::CopyConstructorWithBitwiseCopyClass(CopyConstructorWithBitwiseCopyClass const&) +# 1730| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [LValueReferenceType] const CopyConstructorWithBitwiseCopyClass & +# 1730| [MoveConstructor] void CopyConstructorWithBitwiseCopyClass::CopyConstructorWithBitwiseCopyClass(CopyConstructorWithBitwiseCopyClass&&) +# 1730| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [RValueReferenceType] CopyConstructorWithBitwiseCopyClass && +# 1733| [Constructor] void CopyConstructorWithBitwiseCopyClass::CopyConstructorWithBitwiseCopyClass() +# 1733| : +# 1733| : +# 1733| getEntryPoint(): [BlockStmt] { ... } +# 1733| getStmt(0): [ReturnStmt] return ... +# 1736| [CopyAssignmentOperator] CopyConstructorTestNonVirtualClass& CopyConstructorTestNonVirtualClass::operator=(CopyConstructorTestNonVirtualClass const&) +# 1736| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [LValueReferenceType] const CopyConstructorTestNonVirtualClass & +# 1736| [MoveAssignmentOperator] CopyConstructorTestNonVirtualClass& CopyConstructorTestNonVirtualClass::operator=(CopyConstructorTestNonVirtualClass&&) +# 1736| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [RValueReferenceType] CopyConstructorTestNonVirtualClass && +# 1736| [CopyConstructor] void CopyConstructorTestNonVirtualClass::CopyConstructorTestNonVirtualClass(CopyConstructorTestNonVirtualClass const&) +# 1736| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [LValueReferenceType] const CopyConstructorTestNonVirtualClass & +# 1736| : +# 1736| getInitializer(0): [ConstructorDirectInit] call to CopyConstructorWithImplicitArgumentClass +# 1736| Type = [VoidType] void +# 1736| ValueCategory = prvalue +# 1736| getArgument(0): [VariableAccess] (unnamed parameter 0) +# 1736| Type = [LValueReferenceType] const CopyConstructorTestNonVirtualClass & +# 1736| ValueCategory = prvalue(load) +# 1736| getArgument(0).getFullyConverted(): [ReferenceToExpr] (reference to) +# 1736| Type = [LValueReferenceType] const CopyConstructorWithImplicitArgumentClass & +# 1736| ValueCategory = prvalue +# 1736| getExpr(): [CStyleCast] (const CopyConstructorWithImplicitArgumentClass)... +# 1736| Conversion = [BaseClassConversion] base class conversion +# 1736| Type = [SpecifiedType] const CopyConstructorWithImplicitArgumentClass +# 1736| ValueCategory = lvalue +# 1736| getExpr(): [ReferenceDereferenceExpr] (reference dereference) +# 1736| Type = [SpecifiedType] const CopyConstructorTestNonVirtualClass +# 1736| ValueCategory = lvalue +# 1736| getInitializer(1): (no string representation) +# 1736| Type = [VirtualBaseClass] CopyConstructorWithBitwiseCopyClass +# 1736| ValueCategory = prvalue +# 1736| getEntryPoint(): [BlockStmt] { ... } +# 1736| getStmt(0): [ReturnStmt] return ... +# 1736| [MoveConstructor] void CopyConstructorTestNonVirtualClass::CopyConstructorTestNonVirtualClass(CopyConstructorTestNonVirtualClass&&) +# 1736| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [RValueReferenceType] CopyConstructorTestNonVirtualClass && +# 1740| [Constructor] void CopyConstructorTestNonVirtualClass::CopyConstructorTestNonVirtualClass() +# 1740| : +# 1740| : +# 1740| getInitializer(0): [ConstructorDirectInit] call to CopyConstructorWithImplicitArgumentClass +# 1740| Type = [VoidType] void +# 1740| ValueCategory = prvalue +# 1740| getInitializer(1): [ConstructorDirectInit] call to CopyConstructorWithBitwiseCopyClass +# 1740| Type = [VoidType] void +# 1740| ValueCategory = prvalue +# 1740| getEntryPoint(): [BlockStmt] { ... } +# 1740| getStmt(0): [ReturnStmt] return ... +# 1743| [CopyAssignmentOperator] CopyConstructorTestVirtualClass& CopyConstructorTestVirtualClass::operator=(CopyConstructorTestVirtualClass const&) +# 1743| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [LValueReferenceType] const CopyConstructorTestVirtualClass & +# 1743| [MoveAssignmentOperator] CopyConstructorTestVirtualClass& CopyConstructorTestVirtualClass::operator=(CopyConstructorTestVirtualClass&&) +# 1743| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [RValueReferenceType] CopyConstructorTestVirtualClass && +# 1743| [CopyConstructor] void CopyConstructorTestVirtualClass::CopyConstructorTestVirtualClass(CopyConstructorTestVirtualClass const&) +# 1743| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [LValueReferenceType] const CopyConstructorTestVirtualClass & +# 1743| : +# 1743| getInitializer(0): [ConstructorVirtualInit] call to CopyConstructorWithImplicitArgumentClass +# 1743| Type = [VoidType] void +# 1743| ValueCategory = prvalue +# 1743| getArgument(0): [VariableAccess] (unnamed parameter 0) +# 1743| Type = [LValueReferenceType] const CopyConstructorTestVirtualClass & +# 1743| ValueCategory = prvalue(load) +# 1743| getArgument(0).getFullyConverted(): [ReferenceToExpr] (reference to) +# 1743| Type = [LValueReferenceType] const CopyConstructorWithImplicitArgumentClass & +# 1743| ValueCategory = prvalue +# 1743| getExpr(): [CStyleCast] (const CopyConstructorWithImplicitArgumentClass)... +# 1743| Conversion = [BaseClassConversion] base class conversion +# 1743| Type = [SpecifiedType] const CopyConstructorWithImplicitArgumentClass +# 1743| ValueCategory = lvalue +# 1743| getExpr(): [ReferenceDereferenceExpr] (reference dereference) +# 1743| Type = [SpecifiedType] const CopyConstructorTestVirtualClass +# 1743| ValueCategory = lvalue +# 1743| getInitializer(1): (no string representation) +# 1743| Type = [VirtualBaseClass] CopyConstructorWithBitwiseCopyClass +# 1743| ValueCategory = prvalue +# 1743| getEntryPoint(): [BlockStmt] { ... } +# 1743| getStmt(0): [ReturnStmt] return ... +# 1743| [MoveConstructor] void CopyConstructorTestVirtualClass::CopyConstructorTestVirtualClass(CopyConstructorTestVirtualClass&&) +# 1743| : +#-----| getParameter(0): [Parameter] (unnamed parameter 0) +#-----| Type = [RValueReferenceType] CopyConstructorTestVirtualClass && +# 1747| [Constructor] void CopyConstructorTestVirtualClass::CopyConstructorTestVirtualClass() +# 1747| : +# 1747| : +# 1747| getInitializer(0): [ConstructorVirtualInit] call to CopyConstructorWithImplicitArgumentClass +# 1747| Type = [VoidType] void +# 1747| ValueCategory = prvalue +# 1747| getInitializer(1): [ConstructorVirtualInit] call to CopyConstructorWithBitwiseCopyClass +# 1747| Type = [VoidType] void +# 1747| ValueCategory = prvalue +# 1747| getEntryPoint(): [BlockStmt] { ... } +# 1747| getStmt(0): [ReturnStmt] return ... +# 1750| [TopLevelFunction] int implicit_copy_constructor_test(CopyConstructorTestNonVirtualClass const&, CopyConstructorTestVirtualClass const&) +# 1750| : +# 1751| getParameter(0): [Parameter] x +# 1751| Type = [LValueReferenceType] const CopyConstructorTestNonVirtualClass & +# 1752| getParameter(1): [Parameter] y +# 1752| Type = [LValueReferenceType] const CopyConstructorTestVirtualClass & +# 1752| getEntryPoint(): [BlockStmt] { ... } +# 1753| getStmt(0): [DeclStmt] declaration +# 1753| getDeclarationEntry(0): [VariableDeclarationEntry] definition of cx +# 1753| Type = [Class] CopyConstructorTestNonVirtualClass +# 1753| getVariable().getInitializer(): [Initializer] initializer for cx +# 1753| getExpr(): [ConstructorCall] call to CopyConstructorTestNonVirtualClass +# 1753| Type = [VoidType] void +# 1753| ValueCategory = prvalue +# 1753| getArgument(0): [VariableAccess] x +# 1753| Type = [LValueReferenceType] const CopyConstructorTestNonVirtualClass & +# 1753| ValueCategory = prvalue(load) +# 1753| getArgument(0).getFullyConverted(): [ReferenceToExpr] (reference to) +# 1753| Type = [LValueReferenceType] const CopyConstructorTestNonVirtualClass & +# 1753| ValueCategory = prvalue +# 1753| getExpr(): [ReferenceDereferenceExpr] (reference dereference) +# 1753| Type = [SpecifiedType] const CopyConstructorTestNonVirtualClass +# 1753| ValueCategory = lvalue +# 1754| getStmt(1): [DeclStmt] declaration +# 1754| getDeclarationEntry(0): [VariableDeclarationEntry] definition of cy +# 1754| Type = [Class] CopyConstructorTestVirtualClass +# 1754| getVariable().getInitializer(): [Initializer] initializer for cy +# 1754| getExpr(): [ConstructorCall] call to CopyConstructorTestVirtualClass +# 1754| Type = [VoidType] void +# 1754| ValueCategory = prvalue +# 1754| getArgument(0): [VariableAccess] y +# 1754| Type = [LValueReferenceType] const CopyConstructorTestVirtualClass & +# 1754| ValueCategory = prvalue(load) +# 1754| getArgument(0).getFullyConverted(): [ReferenceToExpr] (reference to) +# 1754| Type = [LValueReferenceType] const CopyConstructorTestVirtualClass & +# 1754| ValueCategory = prvalue +# 1754| getExpr(): [ReferenceDereferenceExpr] (reference dereference) +# 1754| Type = [SpecifiedType] const CopyConstructorTestVirtualClass +# 1754| ValueCategory = lvalue +# 1755| getStmt(2): [ReturnStmt] return ... perf-regression.cpp: # 4| [CopyAssignmentOperator] Big& Big::operator=(Big const&) # 4| : diff --git a/cpp/ql/test/library-tests/ir/ir/ir.cpp b/cpp/ql/test/library-tests/ir/ir/ir.cpp index 80f48d1a6e2..4e3006c8901 100644 --- a/cpp/ql/test/library-tests/ir/ir/ir.cpp +++ b/cpp/ql/test/library-tests/ir/ir/ir.cpp @@ -1718,4 +1718,40 @@ void captured_lambda2(TrivialLambdaClass p1, TrivialLambdaClass &p2, TrivialLamb }; } +class CopyConstructorWithImplicitArgumentClass { + int x; +public: + CopyConstructorWithImplicitArgumentClass() {} + CopyConstructorWithImplicitArgumentClass(const CopyConstructorWithImplicitArgumentClass &c) { + x = c.x; + } +}; + +class CopyConstructorWithBitwiseCopyClass { + int y; +public: + CopyConstructorWithBitwiseCopyClass() {} +}; + +class CopyConstructorTestNonVirtualClass : + public CopyConstructorWithImplicitArgumentClass, + public CopyConstructorWithBitwiseCopyClass { +public: + CopyConstructorTestNonVirtualClass() {} +}; + +class CopyConstructorTestVirtualClass : + public virtual CopyConstructorWithImplicitArgumentClass, + public virtual CopyConstructorWithBitwiseCopyClass { +public: + CopyConstructorTestVirtualClass() {} +}; + +int implicit_copy_constructor_test( + const CopyConstructorTestNonVirtualClass &x, + const CopyConstructorTestVirtualClass &y) { + CopyConstructorTestNonVirtualClass cx = x; + CopyConstructorTestVirtualClass cy = y; +} + // semmle-extractor-options: -std=c++17 --clang diff --git a/cpp/ql/test/library-tests/ir/ir/operand_locations.expected b/cpp/ql/test/library-tests/ir/ir/operand_locations.expected index e9deaf0b49f..e893134031f 100644 --- a/cpp/ql/test/library-tests/ir/ir/operand_locations.expected +++ b/cpp/ql/test/library-tests/ir/ir/operand_locations.expected @@ -670,6 +670,10 @@ | file://:0:0:0:0 | Address | &:r0_1 | | file://:0:0:0:0 | Address | &:r0_1 | | file://:0:0:0:0 | Address | &:r0_1 | +| file://:0:0:0:0 | Address | &:r0_1 | +| file://:0:0:0:0 | Address | &:r0_1 | +| file://:0:0:0:0 | Address | &:r0_1 | +| file://:0:0:0:0 | Address | &:r0_1 | | file://:0:0:0:0 | Address | &:r0_2 | | file://:0:0:0:0 | Address | &:r0_3 | | file://:0:0:0:0 | Address | &:r0_3 | @@ -686,6 +690,10 @@ | file://:0:0:0:0 | Address | &:r0_3 | | file://:0:0:0:0 | Address | &:r0_3 | | file://:0:0:0:0 | Address | &:r0_3 | +| file://:0:0:0:0 | Address | &:r0_3 | +| file://:0:0:0:0 | Address | &:r0_3 | +| file://:0:0:0:0 | Address | &:r0_3 | +| file://:0:0:0:0 | Address | &:r0_3 | | file://:0:0:0:0 | Address | &:r0_5 | | file://:0:0:0:0 | Address | &:r0_5 | | file://:0:0:0:0 | Address | &:r0_5 | @@ -746,6 +754,8 @@ | file://:0:0:0:0 | Load | m0_2 | | file://:0:0:0:0 | Load | m0_2 | | file://:0:0:0:0 | Load | m0_2 | +| file://:0:0:0:0 | Load | m0_2 | +| file://:0:0:0:0 | Load | m0_2 | | file://:0:0:0:0 | Load | m745_6 | | file://:0:0:0:0 | Load | m754_6 | | file://:0:0:0:0 | Load | m763_6 | @@ -767,6 +777,8 @@ | file://:0:0:0:0 | SideEffect | m0_4 | | file://:0:0:0:0 | SideEffect | m0_4 | | file://:0:0:0:0 | SideEffect | m0_4 | +| file://:0:0:0:0 | SideEffect | m0_4 | +| file://:0:0:0:0 | SideEffect | m0_4 | | file://:0:0:0:0 | SideEffect | m1078_23 | | file://:0:0:0:0 | SideEffect | m1078_23 | | file://:0:0:0:0 | SideEffect | m1084_23 | @@ -8009,6 +8021,200 @@ | ir.cpp:1717:30:1717:30 | Load | m1717_6 | | ir.cpp:1717:30:1717:30 | SideEffect | m1717_3 | | ir.cpp:1717:30:1717:30 | SideEffect | m1717_8 | +| ir.cpp:1724:5:1724:44 | Address | &:r1724_5 | +| ir.cpp:1724:5:1724:44 | Address | &:r1724_5 | +| ir.cpp:1724:5:1724:44 | Address | &:r1724_7 | +| ir.cpp:1724:5:1724:44 | Address | &:r1724_7 | +| ir.cpp:1724:5:1724:44 | ChiPartial | partial:m1724_3 | +| ir.cpp:1724:5:1724:44 | ChiTotal | total:m1724_2 | +| ir.cpp:1724:5:1724:44 | Load | m1724_6 | +| ir.cpp:1724:5:1724:44 | SideEffect | m1724_3 | +| ir.cpp:1724:5:1724:44 | SideEffect | m1724_8 | +| ir.cpp:1725:5:1725:44 | Address | &:r1725_5 | +| ir.cpp:1725:5:1725:44 | Address | &:r1725_5 | +| ir.cpp:1725:5:1725:44 | Address | &:r1725_7 | +| ir.cpp:1725:5:1725:44 | Address | &:r1725_7 | +| ir.cpp:1725:5:1725:44 | ChiPartial | partial:m1725_3 | +| ir.cpp:1725:5:1725:44 | ChiTotal | total:m1725_2 | +| ir.cpp:1725:5:1725:44 | Load | m1725_6 | +| ir.cpp:1725:5:1725:44 | SideEffect | m1725_3 | +| ir.cpp:1725:5:1725:44 | SideEffect | m1726_10 | +| ir.cpp:1725:94:1725:94 | Address | &:r1725_9 | +| ir.cpp:1725:94:1725:94 | Address | &:r1725_9 | +| ir.cpp:1725:94:1725:94 | Address | &:r1725_11 | +| ir.cpp:1725:94:1725:94 | Address | &:r1725_11 | +| ir.cpp:1725:94:1725:94 | Load | m1725_10 | +| ir.cpp:1725:94:1725:94 | SideEffect | m1725_12 | +| ir.cpp:1726:9:1726:9 | Address | &:r1726_6 | +| ir.cpp:1726:9:1726:9 | Address | &:r1726_8 | +| ir.cpp:1726:9:1726:9 | Load | m1725_6 | +| ir.cpp:1726:9:1726:9 | Unary | r1726_7 | +| ir.cpp:1726:9:1726:15 | ChiPartial | partial:m1726_9 | +| ir.cpp:1726:9:1726:15 | ChiTotal | total:m1725_8 | +| ir.cpp:1726:13:1726:13 | Address | &:r1726_1 | +| ir.cpp:1726:13:1726:13 | Load | m1725_10 | +| ir.cpp:1726:13:1726:13 | Unary | r1726_2 | +| ir.cpp:1726:13:1726:13 | Unary | r1726_3 | +| ir.cpp:1726:15:1726:15 | Address | &:r1726_4 | +| ir.cpp:1726:15:1726:15 | Load | ~m1725_12 | +| ir.cpp:1726:15:1726:15 | StoreValue | r1726_5 | +| ir.cpp:1733:5:1733:39 | Address | &:r1733_5 | +| ir.cpp:1733:5:1733:39 | Address | &:r1733_5 | +| ir.cpp:1733:5:1733:39 | Address | &:r1733_7 | +| ir.cpp:1733:5:1733:39 | Address | &:r1733_7 | +| ir.cpp:1733:5:1733:39 | ChiPartial | partial:m1733_3 | +| ir.cpp:1733:5:1733:39 | ChiTotal | total:m1733_2 | +| ir.cpp:1733:5:1733:39 | Load | m1733_6 | +| ir.cpp:1733:5:1733:39 | SideEffect | m1733_3 | +| ir.cpp:1733:5:1733:39 | SideEffect | m1733_8 | +| ir.cpp:1736:7:1736:7 | Address | &:r1736_5 | +| ir.cpp:1736:7:1736:7 | Address | &:r1736_5 | +| ir.cpp:1736:7:1736:7 | Address | &:r1736_7 | +| ir.cpp:1736:7:1736:7 | Address | &:r1736_7 | +| ir.cpp:1736:7:1736:7 | Address | &:r1736_9 | +| ir.cpp:1736:7:1736:7 | Address | &:r1736_11 | +| ir.cpp:1736:7:1736:7 | Address | &:r1736_15 | +| ir.cpp:1736:7:1736:7 | Arg(0) | 0:r1736_15 | +| ir.cpp:1736:7:1736:7 | Arg(this) | this:r1736_9 | +| ir.cpp:1736:7:1736:7 | CallTarget | func:r1736_10 | +| ir.cpp:1736:7:1736:7 | ChiPartial | partial:m1736_3 | +| ir.cpp:1736:7:1736:7 | ChiPartial | partial:m1736_17 | +| ir.cpp:1736:7:1736:7 | ChiPartial | partial:m1736_20 | +| ir.cpp:1736:7:1736:7 | ChiTotal | total:m1736_2 | +| ir.cpp:1736:7:1736:7 | ChiTotal | total:m1736_4 | +| ir.cpp:1736:7:1736:7 | ChiTotal | total:m1736_8 | +| ir.cpp:1736:7:1736:7 | Load | m0_2 | +| ir.cpp:1736:7:1736:7 | Load | m1736_6 | +| ir.cpp:1736:7:1736:7 | SideEffect | m1736_21 | +| ir.cpp:1736:7:1736:7 | SideEffect | ~m0_4 | +| ir.cpp:1736:7:1736:7 | SideEffect | ~m1736_4 | +| ir.cpp:1736:7:1736:7 | SideEffect | ~m1736_18 | +| ir.cpp:1736:7:1736:7 | Unary | m1736_6 | +| ir.cpp:1736:7:1736:7 | Unary | r1736_12 | +| ir.cpp:1736:7:1736:7 | Unary | r1736_13 | +| ir.cpp:1736:7:1736:7 | Unary | r1736_14 | +| ir.cpp:1740:5:1740:38 | Address | &:r1740_5 | +| ir.cpp:1740:5:1740:38 | Address | &:r1740_5 | +| ir.cpp:1740:5:1740:38 | Address | &:r1740_7 | +| ir.cpp:1740:5:1740:38 | Address | &:r1740_7 | +| ir.cpp:1740:5:1740:38 | ChiPartial | partial:m1740_3 | +| ir.cpp:1740:5:1740:38 | ChiTotal | total:m1740_2 | +| ir.cpp:1740:5:1740:38 | Load | m1740_6 | +| ir.cpp:1740:5:1740:38 | SideEffect | m1740_22 | +| ir.cpp:1740:5:1740:38 | SideEffect | ~m1740_20 | +| ir.cpp:1740:5:1740:38 | Unary | m1740_6 | +| ir.cpp:1740:5:1740:38 | Unary | m1740_6 | +| ir.cpp:1740:42:1740:42 | Address | &:r1740_9 | +| ir.cpp:1740:42:1740:42 | Address | &:r1740_16 | +| ir.cpp:1740:42:1740:42 | Arg(this) | this:r1740_9 | +| ir.cpp:1740:42:1740:42 | Arg(this) | this:r1740_16 | +| ir.cpp:1740:42:1740:42 | CallTarget | func:r1740_10 | +| ir.cpp:1740:42:1740:42 | CallTarget | func:r1740_17 | +| ir.cpp:1740:42:1740:42 | ChiPartial | partial:m1740_12 | +| ir.cpp:1740:42:1740:42 | ChiPartial | partial:m1740_14 | +| ir.cpp:1740:42:1740:42 | ChiPartial | partial:m1740_19 | +| ir.cpp:1740:42:1740:42 | ChiPartial | partial:m1740_21 | +| ir.cpp:1740:42:1740:42 | ChiTotal | total:m1740_4 | +| ir.cpp:1740:42:1740:42 | ChiTotal | total:m1740_8 | +| ir.cpp:1740:42:1740:42 | ChiTotal | total:m1740_13 | +| ir.cpp:1740:42:1740:42 | ChiTotal | total:m1740_15 | +| ir.cpp:1740:42:1740:42 | SideEffect | ~m1740_4 | +| ir.cpp:1740:42:1740:42 | SideEffect | ~m1740_13 | +| ir.cpp:1743:7:1743:7 | Address | &:r1743_5 | +| ir.cpp:1743:7:1743:7 | Address | &:r1743_5 | +| ir.cpp:1743:7:1743:7 | Address | &:r1743_7 | +| ir.cpp:1743:7:1743:7 | Address | &:r1743_7 | +| ir.cpp:1743:7:1743:7 | Address | &:r1743_9 | +| ir.cpp:1743:7:1743:7 | Address | &:r1743_11 | +| ir.cpp:1743:7:1743:7 | Address | &:r1743_15 | +| ir.cpp:1743:7:1743:7 | Arg(0) | 0:r1743_15 | +| ir.cpp:1743:7:1743:7 | Arg(this) | this:r1743_9 | +| ir.cpp:1743:7:1743:7 | CallTarget | func:r1743_10 | +| ir.cpp:1743:7:1743:7 | ChiPartial | partial:m1743_3 | +| ir.cpp:1743:7:1743:7 | ChiPartial | partial:m1743_17 | +| ir.cpp:1743:7:1743:7 | ChiPartial | partial:m1743_20 | +| ir.cpp:1743:7:1743:7 | ChiTotal | total:m1743_2 | +| ir.cpp:1743:7:1743:7 | ChiTotal | total:m1743_4 | +| ir.cpp:1743:7:1743:7 | ChiTotal | total:m1743_18 | +| ir.cpp:1743:7:1743:7 | Load | m0_2 | +| ir.cpp:1743:7:1743:7 | Load | m1743_6 | +| ir.cpp:1743:7:1743:7 | SideEffect | m1743_8 | +| ir.cpp:1743:7:1743:7 | SideEffect | ~m0_4 | +| ir.cpp:1743:7:1743:7 | SideEffect | ~m1743_4 | +| ir.cpp:1743:7:1743:7 | SideEffect | ~m1743_21 | +| ir.cpp:1743:7:1743:7 | Unary | m1743_6 | +| ir.cpp:1743:7:1743:7 | Unary | r1743_12 | +| ir.cpp:1743:7:1743:7 | Unary | r1743_13 | +| ir.cpp:1743:7:1743:7 | Unary | r1743_14 | +| ir.cpp:1747:5:1747:35 | Address | &:r1747_5 | +| ir.cpp:1747:5:1747:35 | Address | &:r1747_5 | +| ir.cpp:1747:5:1747:35 | Address | &:r1747_7 | +| ir.cpp:1747:5:1747:35 | Address | &:r1747_7 | +| ir.cpp:1747:5:1747:35 | ChiPartial | partial:m1747_3 | +| ir.cpp:1747:5:1747:35 | ChiTotal | total:m1747_2 | +| ir.cpp:1747:5:1747:35 | Load | m1747_6 | +| ir.cpp:1747:5:1747:35 | SideEffect | m1747_8 | +| ir.cpp:1747:5:1747:35 | SideEffect | ~m1747_22 | +| ir.cpp:1747:5:1747:35 | Unary | m1747_6 | +| ir.cpp:1747:5:1747:35 | Unary | m1747_6 | +| ir.cpp:1747:39:1747:39 | Address | &:r1747_9 | +| ir.cpp:1747:39:1747:39 | Address | &:r1747_16 | +| ir.cpp:1747:39:1747:39 | Arg(this) | this:r1747_9 | +| ir.cpp:1747:39:1747:39 | Arg(this) | this:r1747_16 | +| ir.cpp:1747:39:1747:39 | CallTarget | func:r1747_10 | +| ir.cpp:1747:39:1747:39 | CallTarget | func:r1747_17 | +| ir.cpp:1747:39:1747:39 | ChiPartial | partial:m1747_12 | +| ir.cpp:1747:39:1747:39 | ChiPartial | partial:m1747_14 | +| ir.cpp:1747:39:1747:39 | ChiPartial | partial:m1747_19 | +| ir.cpp:1747:39:1747:39 | ChiPartial | partial:m1747_21 | +| ir.cpp:1747:39:1747:39 | ChiTotal | total:m1747_4 | +| ir.cpp:1747:39:1747:39 | ChiTotal | total:m1747_13 | +| ir.cpp:1747:39:1747:39 | ChiTotal | total:m1747_15 | +| ir.cpp:1747:39:1747:39 | ChiTotal | total:m1747_20 | +| ir.cpp:1747:39:1747:39 | SideEffect | ~m1747_4 | +| ir.cpp:1747:39:1747:39 | SideEffect | ~m1747_15 | +| ir.cpp:1750:5:1750:34 | ChiPartial | partial:m1750_3 | +| ir.cpp:1750:5:1750:34 | ChiTotal | total:m1750_2 | +| ir.cpp:1751:51:1751:51 | Address | &:r1751_1 | +| ir.cpp:1751:51:1751:51 | Address | &:r1751_1 | +| ir.cpp:1751:51:1751:51 | Address | &:r1751_3 | +| ir.cpp:1751:51:1751:51 | Load | m1751_2 | +| ir.cpp:1752:48:1752:48 | Address | &:r1752_1 | +| ir.cpp:1752:48:1752:48 | Address | &:r1752_1 | +| ir.cpp:1752:48:1752:48 | Address | &:r1752_3 | +| ir.cpp:1752:48:1752:48 | Load | m1752_2 | +| ir.cpp:1753:40:1753:41 | Address | &:r1753_1 | +| ir.cpp:1753:40:1753:41 | Address | &:r1753_1 | +| ir.cpp:1753:40:1753:41 | Arg(this) | this:r1753_1 | +| ir.cpp:1753:44:1753:45 | CallTarget | func:r1753_3 | +| ir.cpp:1753:44:1753:45 | ChiPartial | partial:m1753_9 | +| ir.cpp:1753:44:1753:45 | ChiPartial | partial:m1753_12 | +| ir.cpp:1753:44:1753:45 | ChiTotal | total:m1750_4 | +| ir.cpp:1753:44:1753:45 | ChiTotal | total:m1753_2 | +| ir.cpp:1753:44:1753:45 | SideEffect | ~m1750_4 | +| ir.cpp:1753:45:1753:45 | Address | &:r1753_4 | +| ir.cpp:1753:45:1753:45 | Address | &:r1753_7 | +| ir.cpp:1753:45:1753:45 | Arg(0) | 0:r1753_7 | +| ir.cpp:1753:45:1753:45 | Load | m1751_2 | +| ir.cpp:1753:45:1753:45 | SideEffect | ~m1751_4 | +| ir.cpp:1753:45:1753:45 | Unary | r1753_5 | +| ir.cpp:1753:45:1753:45 | Unary | r1753_6 | +| ir.cpp:1754:37:1754:38 | Address | &:r1754_1 | +| ir.cpp:1754:37:1754:38 | Address | &:r1754_1 | +| ir.cpp:1754:37:1754:38 | Arg(this) | this:r1754_1 | +| ir.cpp:1754:41:1754:42 | CallTarget | func:r1754_3 | +| ir.cpp:1754:41:1754:42 | ChiPartial | partial:m1754_9 | +| ir.cpp:1754:41:1754:42 | ChiPartial | partial:m1754_12 | +| ir.cpp:1754:41:1754:42 | ChiTotal | total:m1753_10 | +| ir.cpp:1754:41:1754:42 | ChiTotal | total:m1754_2 | +| ir.cpp:1754:41:1754:42 | SideEffect | ~m1753_10 | +| ir.cpp:1754:42:1754:42 | Address | &:r1754_4 | +| ir.cpp:1754:42:1754:42 | Address | &:r1754_7 | +| ir.cpp:1754:42:1754:42 | Arg(0) | 0:r1754_7 | +| ir.cpp:1754:42:1754:42 | Load | m1752_2 | +| ir.cpp:1754:42:1754:42 | SideEffect | ~m1752_4 | +| ir.cpp:1754:42:1754:42 | Unary | r1754_5 | +| ir.cpp:1754:42:1754:42 | Unary | r1754_6 | | perf-regression.cpp:6:3:6:5 | Address | &:r6_5 | | perf-regression.cpp:6:3:6:5 | Address | &:r6_5 | | perf-regression.cpp:6:3:6:5 | Address | &:r6_7 | diff --git a/cpp/ql/test/library-tests/ir/ir/raw_consistency.expected b/cpp/ql/test/library-tests/ir/ir/raw_consistency.expected index 826c3beedf1..9575759051e 100644 --- a/cpp/ql/test/library-tests/ir/ir/raw_consistency.expected +++ b/cpp/ql/test/library-tests/ir/ir/raw_consistency.expected @@ -18,6 +18,8 @@ lostReachability backEdgeCountMismatch useNotDominatedByDefinition | ir.cpp:1486:8:1486:8 | Unary | Operand 'Unary' is not dominated by its definition in function '$@'. | ir.cpp:1486:8:1486:8 | void StructuredBindingDataMemberStruct::StructuredBindingDataMemberStruct() | void StructuredBindingDataMemberStruct::StructuredBindingDataMemberStruct() | +| ir.cpp:1751:51:1751:51 | Address | Operand 'Address' is not dominated by its definition in function '$@'. | ir.cpp:1750:5:1750:34 | int implicit_copy_constructor_test(CopyConstructorTestNonVirtualClass const&, CopyConstructorTestVirtualClass const&) | int implicit_copy_constructor_test(CopyConstructorTestNonVirtualClass const&, CopyConstructorTestVirtualClass const&) | +| ir.cpp:1752:48:1752:48 | Address | Operand 'Address' is not dominated by its definition in function '$@'. | ir.cpp:1750:5:1750:34 | int implicit_copy_constructor_test(CopyConstructorTestNonVirtualClass const&, CopyConstructorTestVirtualClass const&) | int implicit_copy_constructor_test(CopyConstructorTestNonVirtualClass const&, CopyConstructorTestVirtualClass const&) | switchInstructionWithoutDefaultEdge notMarkedAsConflated wronglyMarkedAsConflated diff --git a/cpp/ql/test/library-tests/ir/ir/raw_ir.expected b/cpp/ql/test/library-tests/ir/ir/raw_ir.expected index d0ecc9ace66..3f49642c4fb 100644 --- a/cpp/ql/test/library-tests/ir/ir/raw_ir.expected +++ b/cpp/ql/test/library-tests/ir/ir/raw_ir.expected @@ -9202,6 +9202,222 @@ ir.cpp: # 1717| v1717_11(void) = AliasedUse : ~m? # 1717| v1717_12(void) = ExitFunction : +# 1724| void CopyConstructorWithImplicitArgumentClass::CopyConstructorWithImplicitArgumentClass() +# 1724| Block 0 +# 1724| v1724_1(void) = EnterFunction : +# 1724| mu1724_2(unknown) = AliasedDefinition : +# 1724| mu1724_3(unknown) = InitializeNonLocal : +# 1724| r1724_4(glval) = VariableAddress[#this] : +# 1724| mu1724_5(glval) = InitializeParameter[#this] : &:r1724_4 +# 1724| r1724_6(glval) = Load[#this] : &:r1724_4, ~m? +# 1724| mu1724_7(CopyConstructorWithImplicitArgumentClass) = InitializeIndirection[#this] : &:r1724_6 +# 1724| v1724_8(void) = NoOp : +# 1724| v1724_9(void) = ReturnIndirection[#this] : &:r1724_6, ~m? +# 1724| v1724_10(void) = ReturnVoid : +# 1724| v1724_11(void) = AliasedUse : ~m? +# 1724| v1724_12(void) = ExitFunction : + +# 1725| void CopyConstructorWithImplicitArgumentClass::CopyConstructorWithImplicitArgumentClass(CopyConstructorWithImplicitArgumentClass const&) +# 1725| Block 0 +# 1725| v1725_1(void) = EnterFunction : +# 1725| mu1725_2(unknown) = AliasedDefinition : +# 1725| mu1725_3(unknown) = InitializeNonLocal : +# 1725| r1725_4(glval) = VariableAddress[#this] : +# 1725| mu1725_5(glval) = InitializeParameter[#this] : &:r1725_4 +# 1725| r1725_6(glval) = Load[#this] : &:r1725_4, ~m? +# 1725| mu1725_7(CopyConstructorWithImplicitArgumentClass) = InitializeIndirection[#this] : &:r1725_6 +# 1725| r1725_8(glval) = VariableAddress[c] : +# 1725| mu1725_9(CopyConstructorWithImplicitArgumentClass &) = InitializeParameter[c] : &:r1725_8 +# 1725| r1725_10(CopyConstructorWithImplicitArgumentClass &) = Load[c] : &:r1725_8, ~m? +# 1725| mu1725_11(unknown) = InitializeIndirection[c] : &:r1725_10 +# 1726| r1726_1(glval) = VariableAddress[c] : +# 1726| r1726_2(CopyConstructorWithImplicitArgumentClass &) = Load[c] : &:r1726_1, ~m? +# 1726| r1726_3(glval) = CopyValue : r1726_2 +# 1726| r1726_4(glval) = FieldAddress[x] : r1726_3 +# 1726| r1726_5(int) = Load[?] : &:r1726_4, ~m? +# 1726| r1726_6(glval) = VariableAddress[#this] : +# 1726| r1726_7(CopyConstructorWithImplicitArgumentClass *) = Load[#this] : &:r1726_6, ~m? +# 1726| r1726_8(glval) = FieldAddress[x] : r1726_7 +# 1726| mu1726_9(int) = Store[?] : &:r1726_8, r1726_5 +# 1727| v1727_1(void) = NoOp : +# 1725| v1725_12(void) = ReturnIndirection[#this] : &:r1725_6, ~m? +# 1725| v1725_13(void) = ReturnIndirection[c] : &:r1725_10, ~m? +# 1725| v1725_14(void) = ReturnVoid : +# 1725| v1725_15(void) = AliasedUse : ~m? +# 1725| v1725_16(void) = ExitFunction : + +# 1733| void CopyConstructorWithBitwiseCopyClass::CopyConstructorWithBitwiseCopyClass() +# 1733| Block 0 +# 1733| v1733_1(void) = EnterFunction : +# 1733| mu1733_2(unknown) = AliasedDefinition : +# 1733| mu1733_3(unknown) = InitializeNonLocal : +# 1733| r1733_4(glval) = VariableAddress[#this] : +# 1733| mu1733_5(glval) = InitializeParameter[#this] : &:r1733_4 +# 1733| r1733_6(glval) = Load[#this] : &:r1733_4, ~m? +# 1733| mu1733_7(CopyConstructorWithBitwiseCopyClass) = InitializeIndirection[#this] : &:r1733_6 +# 1733| v1733_8(void) = NoOp : +# 1733| v1733_9(void) = ReturnIndirection[#this] : &:r1733_6, ~m? +# 1733| v1733_10(void) = ReturnVoid : +# 1733| v1733_11(void) = AliasedUse : ~m? +# 1733| v1733_12(void) = ExitFunction : + +# 1736| void CopyConstructorTestNonVirtualClass::CopyConstructorTestNonVirtualClass(CopyConstructorTestNonVirtualClass const&) +# 1736| Block 0 +# 1736| v1736_1(void) = EnterFunction : +# 1736| mu1736_2(unknown) = AliasedDefinition : +# 1736| mu1736_3(unknown) = InitializeNonLocal : +# 1736| r1736_4(glval) = VariableAddress[#this] : +# 1736| mu1736_5(glval) = InitializeParameter[#this] : &:r1736_4 +# 1736| r1736_6(glval) = Load[#this] : &:r1736_4, ~m? +# 1736| mu1736_7(CopyConstructorTestNonVirtualClass) = InitializeIndirection[#this] : &:r1736_6 +#-----| r0_1(glval) = VariableAddress[(unnamed parameter 0)] : +#-----| mu0_2(CopyConstructorTestNonVirtualClass &) = InitializeParameter[(unnamed parameter 0)] : &:r0_1 +#-----| r0_3(CopyConstructorTestNonVirtualClass &) = Load[(unnamed parameter 0)] : &:r0_1, ~m? +#-----| mu0_4(unknown) = InitializeIndirection[(unnamed parameter 0)] : &:r0_3 +# 1736| r1736_8(glval) = ConvertToNonVirtualBase[CopyConstructorTestNonVirtualClass : CopyConstructorWithImplicitArgumentClass] : mu1736_5 +# 1736| r1736_9(glval) = FunctionAddress[CopyConstructorWithImplicitArgumentClass] : +# 1736| r1736_10(glval) = VariableAddress[(unnamed parameter 0)] : +# 1736| r1736_11(CopyConstructorTestNonVirtualClass &) = Load[(unnamed parameter 0)] : &:r1736_10, ~m? +# 1736| r1736_12(glval) = CopyValue : r1736_11 +# 1736| r1736_13(glval) = ConvertToNonVirtualBase[CopyConstructorTestNonVirtualClass : CopyConstructorWithImplicitArgumentClass] : r1736_12 +# 1736| r1736_14(CopyConstructorWithImplicitArgumentClass &) = CopyValue : r1736_13 +# 1736| v1736_15(void) = Call[CopyConstructorWithImplicitArgumentClass] : func:r1736_9, this:r1736_8, 0:r1736_14 +# 1736| mu1736_16(unknown) = ^CallSideEffect : ~m? +# 1736| v1736_17(void) = ^BufferReadSideEffect[0] : &:r1736_14, ~m? +# 1736| mu1736_18(CopyConstructorWithImplicitArgumentClass) = ^IndirectMayWriteSideEffect[-1] : &:r1736_8 +# 1736| v1736_19(void) = NoOp : +# 1736| v1736_20(void) = ReturnIndirection[#this] : &:r1736_6, ~m? +#-----| v0_5(void) = ReturnIndirection[(unnamed parameter 0)] : &:r0_3, ~m? +# 1736| v1736_21(void) = ReturnVoid : +# 1736| v1736_22(void) = AliasedUse : ~m? +# 1736| v1736_23(void) = ExitFunction : + +# 1740| void CopyConstructorTestNonVirtualClass::CopyConstructorTestNonVirtualClass() +# 1740| Block 0 +# 1740| v1740_1(void) = EnterFunction : +# 1740| mu1740_2(unknown) = AliasedDefinition : +# 1740| mu1740_3(unknown) = InitializeNonLocal : +# 1740| r1740_4(glval) = VariableAddress[#this] : +# 1740| mu1740_5(glval) = InitializeParameter[#this] : &:r1740_4 +# 1740| r1740_6(glval) = Load[#this] : &:r1740_4, ~m? +# 1740| mu1740_7(CopyConstructorTestNonVirtualClass) = InitializeIndirection[#this] : &:r1740_6 +# 1740| r1740_8(glval) = ConvertToNonVirtualBase[CopyConstructorTestNonVirtualClass : CopyConstructorWithImplicitArgumentClass] : mu1740_5 +# 1740| r1740_9(glval) = FunctionAddress[CopyConstructorWithImplicitArgumentClass] : +# 1740| v1740_10(void) = Call[CopyConstructorWithImplicitArgumentClass] : func:r1740_9, this:r1740_8 +# 1740| mu1740_11(unknown) = ^CallSideEffect : ~m? +# 1740| mu1740_12(CopyConstructorWithImplicitArgumentClass) = ^IndirectMayWriteSideEffect[-1] : &:r1740_8 +# 1740| r1740_13(glval) = ConvertToNonVirtualBase[CopyConstructorTestNonVirtualClass : CopyConstructorWithBitwiseCopyClass] : mu1740_5 +# 1740| r1740_14(glval) = FunctionAddress[CopyConstructorWithBitwiseCopyClass] : +# 1740| v1740_15(void) = Call[CopyConstructorWithBitwiseCopyClass] : func:r1740_14, this:r1740_13 +# 1740| mu1740_16(unknown) = ^CallSideEffect : ~m? +# 1740| mu1740_17(CopyConstructorWithBitwiseCopyClass) = ^IndirectMayWriteSideEffect[-1] : &:r1740_13 +# 1740| v1740_18(void) = NoOp : +# 1740| v1740_19(void) = ReturnIndirection[#this] : &:r1740_6, ~m? +# 1740| v1740_20(void) = ReturnVoid : +# 1740| v1740_21(void) = AliasedUse : ~m? +# 1740| v1740_22(void) = ExitFunction : + +# 1743| void CopyConstructorTestVirtualClass::CopyConstructorTestVirtualClass(CopyConstructorTestVirtualClass const&) +# 1743| Block 0 +# 1743| v1743_1(void) = EnterFunction : +# 1743| mu1743_2(unknown) = AliasedDefinition : +# 1743| mu1743_3(unknown) = InitializeNonLocal : +# 1743| r1743_4(glval) = VariableAddress[#this] : +# 1743| mu1743_5(glval) = InitializeParameter[#this] : &:r1743_4 +# 1743| r1743_6(glval) = Load[#this] : &:r1743_4, ~m? +# 1743| mu1743_7(CopyConstructorTestVirtualClass) = InitializeIndirection[#this] : &:r1743_6 +#-----| r0_1(glval) = VariableAddress[(unnamed parameter 0)] : +#-----| mu0_2(CopyConstructorTestVirtualClass &) = InitializeParameter[(unnamed parameter 0)] : &:r0_1 +#-----| r0_3(CopyConstructorTestVirtualClass &) = Load[(unnamed parameter 0)] : &:r0_1, ~m? +#-----| mu0_4(unknown) = InitializeIndirection[(unnamed parameter 0)] : &:r0_3 +# 1743| r1743_8(glval) = ConvertToNonVirtualBase[CopyConstructorTestVirtualClass : CopyConstructorWithImplicitArgumentClass] : mu1743_5 +# 1743| r1743_9(glval) = FunctionAddress[CopyConstructorWithImplicitArgumentClass] : +# 1743| r1743_10(glval) = VariableAddress[(unnamed parameter 0)] : +# 1743| r1743_11(CopyConstructorTestVirtualClass &) = Load[(unnamed parameter 0)] : &:r1743_10, ~m? +# 1743| r1743_12(glval) = CopyValue : r1743_11 +# 1743| r1743_13(glval) = ConvertToVirtualBase[CopyConstructorTestVirtualClass : CopyConstructorWithImplicitArgumentClass] : r1743_12 +# 1743| r1743_14(CopyConstructorWithImplicitArgumentClass &) = CopyValue : r1743_13 +# 1743| v1743_15(void) = Call[CopyConstructorWithImplicitArgumentClass] : func:r1743_9, this:r1743_8, 0:r1743_14 +# 1743| mu1743_16(unknown) = ^CallSideEffect : ~m? +# 1743| v1743_17(void) = ^BufferReadSideEffect[0] : &:r1743_14, ~m? +# 1743| mu1743_18(CopyConstructorWithImplicitArgumentClass) = ^IndirectMayWriteSideEffect[-1] : &:r1743_8 +# 1743| v1743_19(void) = NoOp : +# 1743| v1743_20(void) = ReturnIndirection[#this] : &:r1743_6, ~m? +#-----| v0_5(void) = ReturnIndirection[(unnamed parameter 0)] : &:r0_3, ~m? +# 1743| v1743_21(void) = ReturnVoid : +# 1743| v1743_22(void) = AliasedUse : ~m? +# 1743| v1743_23(void) = ExitFunction : + +# 1747| void CopyConstructorTestVirtualClass::CopyConstructorTestVirtualClass() +# 1747| Block 0 +# 1747| v1747_1(void) = EnterFunction : +# 1747| mu1747_2(unknown) = AliasedDefinition : +# 1747| mu1747_3(unknown) = InitializeNonLocal : +# 1747| r1747_4(glval) = VariableAddress[#this] : +# 1747| mu1747_5(glval) = InitializeParameter[#this] : &:r1747_4 +# 1747| r1747_6(glval) = Load[#this] : &:r1747_4, ~m? +# 1747| mu1747_7(CopyConstructorTestVirtualClass) = InitializeIndirection[#this] : &:r1747_6 +# 1747| r1747_8(glval) = ConvertToNonVirtualBase[CopyConstructorTestVirtualClass : CopyConstructorWithImplicitArgumentClass] : mu1747_5 +# 1747| r1747_9(glval) = FunctionAddress[CopyConstructorWithImplicitArgumentClass] : +# 1747| v1747_10(void) = Call[CopyConstructorWithImplicitArgumentClass] : func:r1747_9, this:r1747_8 +# 1747| mu1747_11(unknown) = ^CallSideEffect : ~m? +# 1747| mu1747_12(CopyConstructorWithImplicitArgumentClass) = ^IndirectMayWriteSideEffect[-1] : &:r1747_8 +# 1747| r1747_13(glval) = ConvertToNonVirtualBase[CopyConstructorTestVirtualClass : CopyConstructorWithBitwiseCopyClass] : mu1747_5 +# 1747| r1747_14(glval) = FunctionAddress[CopyConstructorWithBitwiseCopyClass] : +# 1747| v1747_15(void) = Call[CopyConstructorWithBitwiseCopyClass] : func:r1747_14, this:r1747_13 +# 1747| mu1747_16(unknown) = ^CallSideEffect : ~m? +# 1747| mu1747_17(CopyConstructorWithBitwiseCopyClass) = ^IndirectMayWriteSideEffect[-1] : &:r1747_13 +# 1747| v1747_18(void) = NoOp : +# 1747| v1747_19(void) = ReturnIndirection[#this] : &:r1747_6, ~m? +# 1747| v1747_20(void) = ReturnVoid : +# 1747| v1747_21(void) = AliasedUse : ~m? +# 1747| v1747_22(void) = ExitFunction : + +# 1750| int implicit_copy_constructor_test(CopyConstructorTestNonVirtualClass const&, CopyConstructorTestVirtualClass const&) +# 1750| Block 0 +# 1750| v1750_1(void) = EnterFunction : +# 1750| mu1750_2(unknown) = AliasedDefinition : +# 1750| mu1750_3(unknown) = InitializeNonLocal : +# 1751| r1751_1(glval) = VariableAddress[x] : +# 1751| mu1751_2(CopyConstructorTestNonVirtualClass &) = InitializeParameter[x] : &:r1751_1 +# 1751| r1751_3(CopyConstructorTestNonVirtualClass &) = Load[x] : &:r1751_1, ~m? +# 1751| mu1751_4(unknown) = InitializeIndirection[x] : &:r1751_3 +# 1752| r1752_1(glval) = VariableAddress[y] : +# 1752| mu1752_2(CopyConstructorTestVirtualClass &) = InitializeParameter[y] : &:r1752_1 +# 1752| r1752_3(CopyConstructorTestVirtualClass &) = Load[y] : &:r1752_1, ~m? +# 1752| mu1752_4(unknown) = InitializeIndirection[y] : &:r1752_3 +# 1753| r1753_1(glval) = VariableAddress[cx] : +# 1753| mu1753_2(CopyConstructorTestNonVirtualClass) = Uninitialized[cx] : &:r1753_1 +# 1753| r1753_3(glval) = FunctionAddress[CopyConstructorTestNonVirtualClass] : +# 1753| r1753_4(glval) = VariableAddress[x] : +# 1753| r1753_5(CopyConstructorTestNonVirtualClass &) = Load[x] : &:r1753_4, ~m? +# 1753| r1753_6(glval) = CopyValue : r1753_5 +# 1753| r1753_7(CopyConstructorTestNonVirtualClass &) = CopyValue : r1753_6 +# 1753| v1753_8(void) = Call[CopyConstructorTestNonVirtualClass] : func:r1753_3, this:r1753_1, 0:r1753_7 +# 1753| mu1753_9(unknown) = ^CallSideEffect : ~m? +# 1753| v1753_10(void) = ^BufferReadSideEffect[0] : &:r1753_7, ~m? +# 1753| mu1753_11(CopyConstructorTestNonVirtualClass) = ^IndirectMayWriteSideEffect[-1] : &:r1753_1 +# 1754| r1754_1(glval) = VariableAddress[cy] : +# 1754| mu1754_2(CopyConstructorTestVirtualClass) = Uninitialized[cy] : &:r1754_1 +# 1754| r1754_3(glval) = FunctionAddress[CopyConstructorTestVirtualClass] : +# 1754| r1754_4(glval) = VariableAddress[y] : +# 1754| r1754_5(CopyConstructorTestVirtualClass &) = Load[y] : &:r1754_4, ~m? +# 1754| r1754_6(glval) = CopyValue : r1754_5 +# 1754| r1754_7(CopyConstructorTestVirtualClass &) = CopyValue : r1754_6 +# 1754| v1754_8(void) = Call[CopyConstructorTestVirtualClass] : func:r1754_3, this:r1754_1, 0:r1754_7 +# 1754| mu1754_9(unknown) = ^CallSideEffect : ~m? +# 1754| v1754_10(void) = ^BufferReadSideEffect[0] : &:r1754_7, ~m? +# 1754| mu1754_11(CopyConstructorTestVirtualClass) = ^IndirectMayWriteSideEffect[-1] : &:r1754_1 +# 1755| v1755_1(void) = Unreached : + +# 1751| Block 1 +# 1751| v1751_5(void) = ReturnIndirection[x] : &:r1751_3, ~m? +# 1752| v1752_5(void) = ReturnIndirection[y] : &:r1752_3, ~m? +# 1750| r1750_4(glval) = VariableAddress[#return] : +# 1750| v1750_5(void) = ReturnValue : &:r1750_4, ~m? +# 1750| v1750_6(void) = AliasedUse : ~m? +# 1750| v1750_7(void) = ExitFunction : + perf-regression.cpp: # 6| void Big::Big() # 6| Block 0 diff --git a/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.expected b/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.expected index 5da25abb88a..3cd449300e5 100644 --- a/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.expected +++ b/cpp/ql/test/library-tests/syntax-zoo/dataflow-consistency.expected @@ -123,3 +123,4 @@ postWithInFlow | misc.c:220:4:220:5 | sp [inner post update] | PostUpdateNode should not be the target of local flow. | | static_init_templates.cpp:3:2:3:4 | ref [post update] | PostUpdateNode should not be the target of local flow. | | static_init_templates.cpp:21:2:21:4 | val [post update] | PostUpdateNode should not be the target of local flow. | +| try_catch.cpp:7:8:7:8 | call to exception | PostUpdateNode should not be the target of local flow. | diff --git a/csharp/downgrades/qlpack.yml b/csharp/downgrades/qlpack.yml index 760b6156a00..c326f44bb0d 100644 --- a/csharp/downgrades/qlpack.yml +++ b/csharp/downgrades/qlpack.yml @@ -1,5 +1,4 @@ name: codeql/csharp-downgrades groups: csharp -version: 0.0.6-dev downgrades: . -library: true \ No newline at end of file +library: true diff --git a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md index 1fa8e6a97a1..e8a163935b1 100644 --- a/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/lib/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.7 + +## 1.0.6 + ## 1.0.5 ## 1.0.4 diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.0.6.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.0.6.md new file mode 100644 index 00000000000..60834c3f336 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.0.6.md @@ -0,0 +1 @@ +## 1.0.6 diff --git a/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.0.7.md b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.0.7.md new file mode 100644 index 00000000000..2520d204eb2 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/lib/change-notes/released/1.0.7.md @@ -0,0 +1 @@ +## 1.0.7 diff --git a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml index 42da17b3841..8e3e6bf2704 100644 --- a/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.7 diff --git a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml index 2306b6e3f7a..27669a90e89 100644 --- a/csharp/ql/campaigns/Solorigate/lib/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/lib/qlpack.yml @@ -1,8 +1,8 @@ name: codeql/csharp-solorigate-all -version: 1.0.6-dev +version: 1.1.0-dev groups: - csharp - solorigate library: true dependencies: - codeql/csharp-all: ~0.0.3 + codeql/csharp-all: "*" diff --git a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md index 1fa8e6a97a1..e8a163935b1 100644 --- a/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md +++ b/csharp/ql/campaigns/Solorigate/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.0.7 + +## 1.0.6 + ## 1.0.5 ## 1.0.4 diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.0.6.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.0.6.md new file mode 100644 index 00000000000..60834c3f336 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.0.6.md @@ -0,0 +1 @@ +## 1.0.6 diff --git a/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.0.7.md b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.0.7.md new file mode 100644 index 00000000000..2520d204eb2 --- /dev/null +++ b/csharp/ql/campaigns/Solorigate/src/change-notes/released/1.0.7.md @@ -0,0 +1 @@ +## 1.0.7 diff --git a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml index 42da17b3841..8e3e6bf2704 100644 --- a/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml +++ b/csharp/ql/campaigns/Solorigate/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 1.0.5 +lastReleaseVersion: 1.0.7 diff --git a/csharp/ql/campaigns/Solorigate/src/qlpack.yml b/csharp/ql/campaigns/Solorigate/src/qlpack.yml index e066d816c4b..f44a7d03e47 100644 --- a/csharp/ql/campaigns/Solorigate/src/qlpack.yml +++ b/csharp/ql/campaigns/Solorigate/src/qlpack.yml @@ -1,9 +1,9 @@ name: codeql/csharp-solorigate-queries -version: 1.0.6-dev +version: 1.1.0-dev groups: - csharp - solorigate defaultSuiteFile: codeql-suites/solorigate.qls dependencies: - codeql/csharp-all: ~0.0.3 - codeql/csharp-solorigate-all: ^1.0 + codeql/csharp-all: "*" + codeql/csharp-solorigate-all: "*" diff --git a/csharp/ql/lib/CHANGELOG.md b/csharp/ql/lib/CHANGELOG.md index 68e312fb659..fbc579d04b7 100644 --- a/csharp/ql/lib/CHANGELOG.md +++ b/csharp/ql/lib/CHANGELOG.md @@ -1,3 +1,24 @@ +## 0.0.13 + +## 0.0.12 + +### Breaking Changes + +* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. + +### Deprecated APIs + +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### New Features + +* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. + +### Minor Analysis Improvements + +* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. + ## 0.0.11 ### Breaking Changes diff --git a/csharp/ql/lib/change-notes/2022-02-07-deleted-deprecations.md b/csharp/ql/lib/change-notes/2022-02-07-deleted-deprecations.md deleted file mode 100644 index e8da1e8e158..00000000000 --- a/csharp/ql/lib/change-notes/2022-02-07-deleted-deprecations.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md b/csharp/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md deleted file mode 100644 index a79f286aacd..00000000000 --- a/csharp/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: deprecated ---- -* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. - The old name still exists as a deprecated alias. \ No newline at end of file diff --git a/csharp/ql/lib/change-notes/2022-03-14-flow-state-barriers.md b/csharp/ql/lib/change-notes/2022-03-14-flow-state-barriers.md deleted file mode 100644 index af6247a66fa..00000000000 --- a/csharp/ql/lib/change-notes/2022-03-14-flow-state-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. diff --git a/csharp/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md b/csharp/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md deleted file mode 100644 index 3481d507db3..00000000000 --- a/csharp/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: breaking ---- -* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. diff --git a/csharp/ql/lib/change-notes/released/0.0.12.md b/csharp/ql/lib/change-notes/released/0.0.12.md new file mode 100644 index 00000000000..2be5a554dbb --- /dev/null +++ b/csharp/ql/lib/change-notes/released/0.0.12.md @@ -0,0 +1,18 @@ +## 0.0.12 + +### Breaking Changes + +* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. + +### Deprecated APIs + +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### New Features + +* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. + +### Minor Analysis Improvements + +* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. diff --git a/csharp/ql/lib/change-notes/released/0.0.13.md b/csharp/ql/lib/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..30ff8ab8dd0 --- /dev/null +++ b/csharp/ql/lib/change-notes/released/0.0.13.md @@ -0,0 +1 @@ +## 0.0.13 diff --git a/csharp/ql/lib/codeql-pack.release.yml b/csharp/ql/lib/codeql-pack.release.yml index e679dc42092..044e54e4f7e 100644 --- a/csharp/ql/lib/codeql-pack.release.yml +++ b/csharp/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.11 +lastReleaseVersion: 0.0.13 diff --git a/csharp/ql/lib/qlpack.yml b/csharp/ql/lib/qlpack.yml index d17d3a6388c..916beebd1bf 100644 --- a/csharp/ql/lib/qlpack.yml +++ b/csharp/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-all -version: 0.0.12-dev +version: 0.1.0-dev groups: csharp dbscheme: semmlecode.csharp.dbscheme extractor: csharp diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll index 80d1f40c199..34578833a06 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/ExternalFlow.qll @@ -162,10 +162,17 @@ private predicate sinkModel(string row) { any(SinkModelCsv s).row(row) } private predicate summaryModel(string row) { any(SummaryModelCsv s).row(row) } +bindingset[input] +private predicate getKind(string input, string kind, boolean generated) { + input.splitAt(":", 0) = "generated" and kind = input.splitAt(":", 1) and generated = true + or + not input.matches("%:%") and kind = input and generated = false +} + /** Holds if a source model exists for the given parameters. */ predicate sourceModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string output, string kind + string output, string kind, boolean generated ) { exists(string row | sourceModel(row) and @@ -177,14 +184,14 @@ predicate sourceModel( row.splitAt(";", 4) = signature and row.splitAt(";", 5) = ext and row.splitAt(";", 6) = output and - row.splitAt(";", 7) = kind + exists(string k | row.splitAt(";", 7) = k and getKind(k, kind, generated)) ) } /** Holds if a sink model exists for the given parameters. */ predicate sinkModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string kind + string input, string kind, boolean generated ) { exists(string row | sinkModel(row) and @@ -196,14 +203,14 @@ predicate sinkModel( row.splitAt(";", 4) = signature and row.splitAt(";", 5) = ext and row.splitAt(";", 6) = input and - row.splitAt(";", 7) = kind + exists(string k | row.splitAt(";", 7) = k and getKind(k, kind, generated)) ) } /** Holds if a summary model exists for the given parameters. */ predicate summaryModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string output, string kind + string input, string output, string kind, boolean generated ) { exists(string row | summaryModel(row) and @@ -216,14 +223,14 @@ predicate summaryModel( row.splitAt(";", 5) = ext and row.splitAt(";", 6) = input and row.splitAt(";", 7) = output and - row.splitAt(";", 8) = kind + exists(string k | row.splitAt(";", 8) = k and getKind(k, kind, generated)) ) } private predicate relevantNamespace(string namespace) { - sourceModel(namespace, _, _, _, _, _, _, _) or - sinkModel(namespace, _, _, _, _, _, _, _) or - summaryModel(namespace, _, _, _, _, _, _, _, _) + sourceModel(namespace, _, _, _, _, _, _, _, _) or + sinkModel(namespace, _, _, _, _, _, _, _, _) or + summaryModel(namespace, _, _, _, _, _, _, _, _, _) } private predicate namespaceLink(string shortns, string longns) { @@ -251,25 +258,25 @@ predicate modelCoverage(string namespace, int namespaces, string kind, string pa part = "source" and n = strictcount(string subns, string type, boolean subtypes, string name, string signature, - string ext, string output | + string ext, string output, boolean generated | canonicalNamespaceLink(namespace, subns) and - sourceModel(subns, type, subtypes, name, signature, ext, output, kind) + sourceModel(subns, type, subtypes, name, signature, ext, output, kind, generated) ) or part = "sink" and n = strictcount(string subns, string type, boolean subtypes, string name, string signature, - string ext, string input | + string ext, string input, boolean generated | canonicalNamespaceLink(namespace, subns) and - sinkModel(subns, type, subtypes, name, signature, ext, input, kind) + sinkModel(subns, type, subtypes, name, signature, ext, input, kind, generated) ) or part = "summary" and n = strictcount(string subns, string type, boolean subtypes, string name, string signature, - string ext, string input, string output | + string ext, string input, string output, boolean generated | canonicalNamespaceLink(namespace, subns) and - summaryModel(subns, type, subtypes, name, signature, ext, input, output, kind) + summaryModel(subns, type, subtypes, name, signature, ext, input, output, kind, generated) ) ) } @@ -279,11 +286,11 @@ module CsvValidation { /** Holds if some row in a CSV-based flow model appears to contain typos. */ query predicate invalidModelRow(string msg) { exists(string pred, string namespace, string type, string name, string signature, string ext | - sourceModel(namespace, type, _, name, signature, ext, _, _) and pred = "source" + sourceModel(namespace, type, _, name, signature, ext, _, _, _) and pred = "source" or - sinkModel(namespace, type, _, name, signature, ext, _, _) and pred = "sink" + sinkModel(namespace, type, _, name, signature, ext, _, _, _) and pred = "sink" or - summaryModel(namespace, type, _, name, signature, ext, _, _, _) and pred = "summary" + summaryModel(namespace, type, _, name, signature, ext, _, _, _, _) and pred = "summary" | not namespace.regexpMatch("[a-zA-Z0-9_\\.]+") and msg = "Dubious namespace \"" + namespace + "\" in " + pred + " model." @@ -302,9 +309,9 @@ module CsvValidation { ) or exists(string pred, AccessPath input, string part | - sinkModel(_, _, _, _, _, _, input, _) and pred = "sink" + sinkModel(_, _, _, _, _, _, input, _, _) and pred = "sink" or - summaryModel(_, _, _, _, _, _, input, _, _) and pred = "summary" + summaryModel(_, _, _, _, _, _, input, _, _, _) and pred = "summary" | ( invalidSpecComponent(input, part) and @@ -319,9 +326,9 @@ module CsvValidation { ) or exists(string pred, string output, string part | - sourceModel(_, _, _, _, _, _, output, _) and pred = "source" + sourceModel(_, _, _, _, _, _, output, _, _) and pred = "source" or - summaryModel(_, _, _, _, _, _, _, output, _) and pred = "summary" + summaryModel(_, _, _, _, _, _, _, output, _, _) and pred = "summary" | invalidSpecComponent(output, part) and not part = "" and @@ -351,20 +358,23 @@ module CsvValidation { ) ) or - exists(string row, string kind | summaryModel(row) | - kind = row.splitAt(";", 8) and + exists(string row, string k, string kind | summaryModel(row) | + k = row.splitAt(";", 8) and + getKind(k, kind, _) and not kind = ["taint", "value"] and msg = "Invalid kind \"" + kind + "\" in summary model." ) or - exists(string row, string kind | sinkModel(row) | - kind = row.splitAt(";", 7) and + exists(string row, string k, string kind | sinkModel(row) | + k = row.splitAt(";", 7) and + getKind(k, kind, _) and not kind = ["code", "sql", "xss", "remote", "html"] and msg = "Invalid kind \"" + kind + "\" in sink model." ) or - exists(string row, string kind | sourceModel(row) | - kind = row.splitAt(";", 7) and + exists(string row, string k, string kind | sourceModel(row) | + k = row.splitAt(";", 7) and + getKind(k, kind, _) and not kind = "local" and msg = "Invalid kind \"" + kind + "\" in source model." ) @@ -374,9 +384,9 @@ module CsvValidation { private predicate elementSpec( string namespace, string type, boolean subtypes, string name, string signature, string ext ) { - sourceModel(namespace, type, subtypes, name, signature, ext, _, _) or - sinkModel(namespace, type, subtypes, name, signature, ext, _, _) or - summaryModel(namespace, type, subtypes, name, signature, ext, _, _, _) + sourceModel(namespace, type, subtypes, name, signature, ext, _, _, _) or + sinkModel(namespace, type, subtypes, name, signature, ext, _, _, _) or + summaryModel(namespace, type, subtypes, name, signature, ext, _, _, _, _) } private predicate elementSpec( @@ -502,6 +512,13 @@ Element interpretElement( ) } +/** + * Holds if `c` has a `generated` summary. + */ +predicate hasSummary(DataFlowCallable c, boolean generated) { + summaryElement(c, _, _, _, generated) +} + cached private module Cached { /** diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll index 9800e02ccf1..bb98acf0494 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll index 9800e02ccf1..bb98acf0494 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll index 9800e02ccf1..bb98acf0494 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll index 9800e02ccf1..bb98acf0494 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll index 9800e02ccf1..bb98acf0494 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll index 2ef2d847a3b..52701d1a118 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImpl.qll @@ -806,10 +806,10 @@ module Private { module External { /** Holds if `spec` is a relevant external specification. */ private predicate relevantSpec(string spec) { - summaryElement(_, spec, _, _) or - summaryElement(_, _, spec, _) or - sourceElement(_, spec, _) or - sinkElement(_, spec, _) + summaryElement(_, spec, _, _, _) or + summaryElement(_, _, spec, _, _) or + sourceElement(_, spec, _, _) or + sinkElement(_, spec, _, _) } private class AccessPathRange extends AccessPath::Range { @@ -875,13 +875,20 @@ module Private { } private class SummarizedCallableExternal extends SummarizedCallable { - SummarizedCallableExternal() { summaryElement(this, _, _, _) } + SummarizedCallableExternal() { summaryElement(this, _, _, _, _) } + + private predicate relevantSummaryElement(AccessPath inSpec, AccessPath outSpec, string kind) { + summaryElement(this, inSpec, outSpec, kind, false) + or + summaryElement(this, inSpec, outSpec, kind, true) and + not summaryElement(this, _, _, _, false) + } override predicate propagatesFlow( SummaryComponentStack input, SummaryComponentStack output, boolean preservesValue ) { exists(AccessPath inSpec, AccessPath outSpec, string kind | - summaryElement(this, inSpec, outSpec, kind) and + this.relevantSummaryElement(inSpec, outSpec, kind) and interpretSpec(inSpec, input) and interpretSpec(outSpec, output) | @@ -910,7 +917,7 @@ module Private { private predicate sourceElementRef(InterpretNode ref, AccessPath output, string kind) { exists(SourceOrSinkElement e | - sourceElement(e, output, kind) and + sourceElement(e, output, kind, _) and if outputNeedsReference(output.getToken(0)) then e = ref.getCallTarget() else e = ref.asElement() @@ -919,7 +926,7 @@ module Private { private predicate sinkElementRef(InterpretNode ref, AccessPath input, string kind) { exists(SourceOrSinkElement e | - sinkElement(e, input, kind) and + sinkElement(e, input, kind, _) and if inputNeedsReference(input.getToken(0)) then e = ref.getCallTarget() else e = ref.asElement() diff --git a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll index 0d34fa5b68c..45535607b77 100644 --- a/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/csharp/ql/lib/semmle/code/csharp/dataflow/internal/FlowSummaryImplSpecific.qll @@ -85,39 +85,44 @@ DataFlowType getCallbackReturnType(DataFlowType t, ReturnKind rk) { /** * Holds if an external flow summary exists for `c` with input specification - * `input`, output specification `output`, and kind `kind`. + * `input`, output specification `output`, kind `kind`, and a flag `generated` + * stating whether the summary is autogenerated. */ -predicate summaryElement(DataFlowCallable c, string input, string output, string kind) { +predicate summaryElement( + DataFlowCallable c, string input, string output, string kind, boolean generated +) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind) and + summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, generated) and c = interpretElement(namespace, type, subtypes, name, signature, ext) ) } /** * Holds if an external source specification exists for `e` with output specification - * `output` and kind `kind`. + * `output`, kind `kind`, and a flag `generated` stating whether the source specification is + * autogenerated. */ -predicate sourceElement(Element e, string output, string kind) { +predicate sourceElement(Element e, string output, string kind, boolean generated) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - sourceModel(namespace, type, subtypes, name, signature, ext, output, kind) and + sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, generated) and e = interpretElement(namespace, type, subtypes, name, signature, ext) ) } /** - * Holds if an external sink specification exists for `n` with input specification - * `input` and kind `kind`. + * Holds if an external sink specification exists for `e` with input specification + * `input`, kind `kind` and a flag `generated` stating whether the sink specification is + * autogenerated. */ -predicate sinkElement(Element e, string input, string kind) { +predicate sinkElement(Element e, string input, string kind, boolean generated) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - sinkModel(namespace, type, subtypes, name, signature, ext, input, kind) and + sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, generated) and e = interpretElement(namespace, type, subtypes, name, signature, ext) ) } diff --git a/csharp/ql/src/CHANGELOG.md b/csharp/ql/src/CHANGELOG.md index dc356239a96..96d9cf50877 100644 --- a/csharp/ql/src/CHANGELOG.md +++ b/csharp/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.13 + +## 0.0.12 + ## 0.0.11 ### Minor Analysis Improvements diff --git a/csharp/ql/src/change-notes/released/0.0.12.md b/csharp/ql/src/change-notes/released/0.0.12.md new file mode 100644 index 00000000000..a8e2f0b468e --- /dev/null +++ b/csharp/ql/src/change-notes/released/0.0.12.md @@ -0,0 +1 @@ +## 0.0.12 diff --git a/csharp/ql/src/change-notes/released/0.0.13.md b/csharp/ql/src/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..30ff8ab8dd0 --- /dev/null +++ b/csharp/ql/src/change-notes/released/0.0.13.md @@ -0,0 +1 @@ +## 0.0.13 diff --git a/csharp/ql/src/codeql-pack.release.yml b/csharp/ql/src/codeql-pack.release.yml index e679dc42092..044e54e4f7e 100644 --- a/csharp/ql/src/codeql-pack.release.yml +++ b/csharp/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.11 +lastReleaseVersion: 0.0.13 diff --git a/csharp/ql/src/qlpack.yml b/csharp/ql/src/qlpack.yml index a15e7a8f71d..7375f2937ac 100644 --- a/csharp/ql/src/qlpack.yml +++ b/csharp/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/csharp-queries -version: 0.0.12-dev +version: 0.1.0-dev groups: - csharp - queries diff --git a/csharp/ql/src/utils/model-generator/CaptureDiscardedSummaryModels.ql b/csharp/ql/src/utils/model-generator/CaptureDiscardedSummaryModels.ql new file mode 100644 index 00000000000..d4dd1f72de3 --- /dev/null +++ b/csharp/ql/src/utils/model-generator/CaptureDiscardedSummaryModels.ql @@ -0,0 +1,13 @@ +/** + * @name Capture discarded summary models. + * @description Finds summary models that are discarded as handwritten counterparts exist. + * @id csharp/utils/model-generator/discarded-summary-models + */ + +private import semmle.code.csharp.dataflow.ExternalFlow +private import internal.CaptureModels +private import internal.CaptureFlow + +from TargetApi api, string flow +where flow = captureFlow(api) and hasSummary(api, false) +select flow order by flow diff --git a/csharp/ql/src/utils/model-generator/CaptureSinkModels.ql b/csharp/ql/src/utils/model-generator/CaptureSinkModels.ql index 86daa135371..74a3b64636d 100644 --- a/csharp/ql/src/utils/model-generator/CaptureSinkModels.ql +++ b/csharp/ql/src/utils/model-generator/CaptureSinkModels.ql @@ -1,6 +1,7 @@ /** * @name Capture sink models. * @description Finds public methods that act as sinks as they flow into a a known sink. + * @kind diagnostic * @id cs/utils/model-generator/sink-models */ diff --git a/csharp/ql/src/utils/model-generator/CaptureSourceModels.ql b/csharp/ql/src/utils/model-generator/CaptureSourceModels.ql index e236aa8493f..df8c873f065 100644 --- a/csharp/ql/src/utils/model-generator/CaptureSourceModels.ql +++ b/csharp/ql/src/utils/model-generator/CaptureSourceModels.ql @@ -1,6 +1,7 @@ /** * @name Capture source models. * @description Finds APIs that act as sources as they expose already known sources. + * @kind diagnostic * @id cs/utils/model-generator/source-models */ diff --git a/csharp/ql/src/utils/model-generator/CaptureSummaryModels.ql b/csharp/ql/src/utils/model-generator/CaptureSummaryModels.ql index 2cfbe93e716..8e3b324f9f4 100644 --- a/csharp/ql/src/utils/model-generator/CaptureSummaryModels.ql +++ b/csharp/ql/src/utils/model-generator/CaptureSummaryModels.ql @@ -1,91 +1,14 @@ /** * @name Capture summary models. * @description Finds applicable summary models to be used by other queries. + * @kind diagnostic * @id cs/utils/model-generator/summary-models */ +private import semmle.code.csharp.dataflow.ExternalFlow private import internal.CaptureModels - -/** - * Capture fluent APIs that return `this`. - * Example of a fluent API: - * ```csharp - * public class BasicFlow { - * public BasicFlow ReturnThis(object input) - * { - * // some side effect - * return this; - * } - * ``` - * Captured Model: - * ```Summaries;BasicFlow;false;ReturnThis;(System.Object);Argument[Qualifier];ReturnValue;value``` - * Capture APIs that transfer taint from an input parameter to an output return - * value or parameter. - * Allows a sequence of read steps followed by a sequence of store steps. - * - * Examples: - * - * ```csharp - * public class BasicFlow { - * private string tainted; - * - * public String ReturnField() - * { - * return tainted; - * } - * - * public void AssignFieldToArray(object[] target) - * { - * target[0] = tainted; - * } - * } - * ``` - * Captured Models: - * ``` - * Summaries;BasicFlow;false;ReturnField;();Argument[Qualifier];ReturnValue;taint | - * Summaries;BasicFlow;false;AssignFieldToArray;(System.Object[]);Argument[Qualifier];Argument[0].Element;taint - * ``` - * - * ```csharp - * public class BasicFlow { - * private string tainted; - * - * public void SetField(string s) - * { - * tainted = s; - * } - * } - * ``` - * Captured Model: - * ```Summaries;BasicFlow;false;SetField;(System.String);Argument[0];Argument[Qualifier];taint``` - * - * ```csharp - * public class BasicFlow { - * public void ReturnSubstring(string s) - * { - * return s.Substring(0, 1); - * } - * } - * ``` - * Captured Model: - * ```Summaries;BasicFlow;false;ReturnSubstring;(System.String);Argument[0];ReturnValue;taint``` - * - * ```csharp - * public class BasicFlow { - * public void AssignToArray(int data, int[] target) - * { - * target[0] = data; - * } - * } - * ``` - * Captured Model: - * ```Summaries;BasicFlow;false;AssignToArray;(System.Int32,System.Int32[]);Argument[0];Argument[1].Element;taint``` - */ -private string captureFlow(TargetApi api) { - result = captureQualifierFlow(api) or - result = captureThroughFlow(api) -} +private import internal.CaptureFlow from TargetApi api, string flow -where flow = captureFlow(api) +where flow = captureFlow(api) and not hasSummary(api, false) select flow order by flow diff --git a/csharp/ql/src/utils/model-generator/internal/CaptureFlow.qll b/csharp/ql/src/utils/model-generator/internal/CaptureFlow.qll new file mode 100644 index 00000000000..249615f900c --- /dev/null +++ b/csharp/ql/src/utils/model-generator/internal/CaptureFlow.qll @@ -0,0 +1,81 @@ +private import CaptureModels + +/** + * Capture fluent APIs that return `this`. + * Example of a fluent API: + * ```csharp + * public class BasicFlow { + * public BasicFlow ReturnThis(object input) + * { + * // some side effect + * return this; + * } + * ``` + * Captured Model: + * ```Summaries;BasicFlow;false;ReturnThis;(System.Object);Argument[Qualifier];ReturnValue;value``` + * Capture APIs that transfer taint from an input parameter to an output return + * value or parameter. + * Allows a sequence of read steps followed by a sequence of store steps. + * + * Examples: + * + * ```csharp + * public class BasicFlow { + * private string tainted; + * + * public String ReturnField() + * { + * return tainted; + * } + * + * public void AssignFieldToArray(object[] target) + * { + * target[0] = tainted; + * } + * } + * ``` + * Captured Models: + * ``` + * Summaries;BasicFlow;false;ReturnField;();Argument[Qualifier];ReturnValue;taint | + * Summaries;BasicFlow;false;AssignFieldToArray;(System.Object[]);Argument[Qualifier];Argument[0].Element;taint + * ``` + * + * ```csharp + * public class BasicFlow { + * private string tainted; + * + * public void SetField(string s) + * { + * tainted = s; + * } + * } + * ``` + * Captured Model: + * ```Summaries;BasicFlow;false;SetField;(System.String);Argument[0];Argument[Qualifier];taint``` + * + * ```csharp + * public class BasicFlow { + * public void ReturnSubstring(string s) + * { + * return s.Substring(0, 1); + * } + * } + * ``` + * Captured Model: + * ```Summaries;BasicFlow;false;ReturnSubstring;(System.String);Argument[0];ReturnValue;taint``` + * + * ```csharp + * public class BasicFlow { + * public void AssignToArray(int data, int[] target) + * { + * target[0] = data; + * } + * } + * ``` + * Captured Model: + * ```Summaries;BasicFlow;false;AssignToArray;(System.Int32,System.Int32[]);Argument[0];Argument[1].Element;taint``` + */ +string captureFlow(TargetApi api) { + result = captureQualifierFlow(api) or + result = captureThroughFlow(api) +} diff --git a/csharp/ql/src/utils/model-generator/internal/CaptureModels.qll b/csharp/ql/src/utils/model-generator/internal/CaptureModels.qll index fc16b82b461..81f13d978dd 100644 --- a/csharp/ql/src/utils/model-generator/internal/CaptureModels.qll +++ b/csharp/ql/src/utils/model-generator/internal/CaptureModels.qll @@ -44,7 +44,7 @@ private string asSummaryModel(TargetApi api, string input, string output, string result = asPartialModel(api) + input + ";" // + output + ";" // - + kind + + "generated:" + kind } /** @@ -68,7 +68,7 @@ private string asTaintModel(TargetApi api, string input, string output) { */ bindingset[input, kind] private string asSinkModel(TargetApi api, string input, string kind) { - result = asPartialModel(api) + input + ";" + kind + result = asPartialModel(api) + input + ";" + "generated:" + kind } /** @@ -76,7 +76,7 @@ private string asSinkModel(TargetApi api, string input, string kind) { */ bindingset[output, kind] private string asSourceModel(TargetApi api, string output, string kind) { - result = asPartialModel(api) + output + ";" + kind + result = asPartialModel(api) + output + ";" + "generated:" + kind } /** diff --git a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.cs b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.cs index 92f1a042ce0..26b6936543f 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.cs +++ b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.cs @@ -169,4 +169,39 @@ namespace My.Qltest set { throw null; } } } + + public class G + { + void M1() + { + var o = new object(); + Sink(GeneratedFlow(o)); + } + + void M2() + { + var o1 = new object(); + Sink(GeneratedFlowArgs(o1, null)); + + var o2 = new object(); + Sink(GeneratedFlowArgs(null, o2)); + } + + void M3() + { + var o1 = new object(); + Sink(MixedFlowArgs(o1, null)); + + var o2 = new object(); + Sink(MixedFlowArgs(null, o2)); + } + + object GeneratedFlow(object o) => throw null; + + object GeneratedFlowArgs(object o1, object o2) => throw null; + + object MixedFlowArgs(object o1, object o2) => throw null; + + static void Sink(object o) { } + } } \ No newline at end of file diff --git a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.expected b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.expected index 82fa4fd190b..cf22a1ee1b1 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.expected +++ b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.expected @@ -56,6 +56,14 @@ edges | ExternalFlow.cs:111:13:111:13 | [post] access to local variable f [field MyField] : Object | ExternalFlow.cs:112:18:112:18 | access to local variable f [field MyField] : Object | | ExternalFlow.cs:111:24:111:35 | object creation of type Object : Object | ExternalFlow.cs:111:13:111:13 | [post] access to local variable f [field MyField] : Object | | ExternalFlow.cs:112:18:112:18 | access to local variable f [field MyField] : Object | ExternalFlow.cs:112:18:112:25 | access to property MyProp | +| ExternalFlow.cs:177:21:177:32 | object creation of type Object : Object | ExternalFlow.cs:178:32:178:32 | access to local variable o : Object | +| ExternalFlow.cs:178:32:178:32 | access to local variable o : Object | ExternalFlow.cs:178:18:178:33 | call to method GeneratedFlow | +| ExternalFlow.cs:183:22:183:33 | object creation of type Object : Object | ExternalFlow.cs:184:36:184:37 | access to local variable o1 : Object | +| ExternalFlow.cs:184:36:184:37 | access to local variable o1 : Object | ExternalFlow.cs:184:18:184:44 | call to method GeneratedFlowArgs | +| ExternalFlow.cs:186:22:186:33 | object creation of type Object : Object | ExternalFlow.cs:187:42:187:43 | access to local variable o2 : Object | +| ExternalFlow.cs:187:42:187:43 | access to local variable o2 : Object | ExternalFlow.cs:187:18:187:44 | call to method GeneratedFlowArgs | +| ExternalFlow.cs:195:22:195:33 | object creation of type Object : Object | ExternalFlow.cs:196:38:196:39 | access to local variable o2 : Object | +| ExternalFlow.cs:196:38:196:39 | access to local variable o2 : Object | ExternalFlow.cs:196:18:196:40 | call to method MixedFlowArgs | nodes | ExternalFlow.cs:9:27:9:38 | object creation of type Object : Object | semmle.label | object creation of type Object : Object | | ExternalFlow.cs:10:18:10:33 | call to method StepArgRes | semmle.label | call to method StepArgRes | @@ -130,6 +138,18 @@ nodes | ExternalFlow.cs:111:24:111:35 | object creation of type Object : Object | semmle.label | object creation of type Object : Object | | ExternalFlow.cs:112:18:112:18 | access to local variable f [field MyField] : Object | semmle.label | access to local variable f [field MyField] : Object | | ExternalFlow.cs:112:18:112:25 | access to property MyProp | semmle.label | access to property MyProp | +| ExternalFlow.cs:177:21:177:32 | object creation of type Object : Object | semmle.label | object creation of type Object : Object | +| ExternalFlow.cs:178:18:178:33 | call to method GeneratedFlow | semmle.label | call to method GeneratedFlow | +| ExternalFlow.cs:178:32:178:32 | access to local variable o : Object | semmle.label | access to local variable o : Object | +| ExternalFlow.cs:183:22:183:33 | object creation of type Object : Object | semmle.label | object creation of type Object : Object | +| ExternalFlow.cs:184:18:184:44 | call to method GeneratedFlowArgs | semmle.label | call to method GeneratedFlowArgs | +| ExternalFlow.cs:184:36:184:37 | access to local variable o1 : Object | semmle.label | access to local variable o1 : Object | +| ExternalFlow.cs:186:22:186:33 | object creation of type Object : Object | semmle.label | object creation of type Object : Object | +| ExternalFlow.cs:187:18:187:44 | call to method GeneratedFlowArgs | semmle.label | call to method GeneratedFlowArgs | +| ExternalFlow.cs:187:42:187:43 | access to local variable o2 : Object | semmle.label | access to local variable o2 : Object | +| ExternalFlow.cs:195:22:195:33 | object creation of type Object : Object | semmle.label | object creation of type Object : Object | +| ExternalFlow.cs:196:18:196:40 | call to method MixedFlowArgs | semmle.label | call to method MixedFlowArgs | +| ExternalFlow.cs:196:38:196:39 | access to local variable o2 : Object | semmle.label | access to local variable o2 : Object | subpaths invalidModelRow #select @@ -152,3 +172,7 @@ invalidModelRow | ExternalFlow.cs:102:22:102:22 | access to parameter d | ExternalFlow.cs:98:24:98:35 | object creation of type Object : Object | ExternalFlow.cs:102:22:102:22 | access to parameter d | $@ | ExternalFlow.cs:98:24:98:35 | object creation of type Object : Object | object creation of type Object : Object | | ExternalFlow.cs:104:18:104:25 | access to field Field | ExternalFlow.cs:98:24:98:35 | object creation of type Object : Object | ExternalFlow.cs:104:18:104:25 | access to field Field | $@ | ExternalFlow.cs:98:24:98:35 | object creation of type Object : Object | object creation of type Object : Object | | ExternalFlow.cs:112:18:112:25 | access to property MyProp | ExternalFlow.cs:111:24:111:35 | object creation of type Object : Object | ExternalFlow.cs:112:18:112:25 | access to property MyProp | $@ | ExternalFlow.cs:111:24:111:35 | object creation of type Object : Object | object creation of type Object : Object | +| ExternalFlow.cs:178:18:178:33 | call to method GeneratedFlow | ExternalFlow.cs:177:21:177:32 | object creation of type Object : Object | ExternalFlow.cs:178:18:178:33 | call to method GeneratedFlow | $@ | ExternalFlow.cs:177:21:177:32 | object creation of type Object : Object | object creation of type Object : Object | +| ExternalFlow.cs:184:18:184:44 | call to method GeneratedFlowArgs | ExternalFlow.cs:183:22:183:33 | object creation of type Object : Object | ExternalFlow.cs:184:18:184:44 | call to method GeneratedFlowArgs | $@ | ExternalFlow.cs:183:22:183:33 | object creation of type Object : Object | object creation of type Object : Object | +| ExternalFlow.cs:187:18:187:44 | call to method GeneratedFlowArgs | ExternalFlow.cs:186:22:186:33 | object creation of type Object : Object | ExternalFlow.cs:187:18:187:44 | call to method GeneratedFlowArgs | $@ | ExternalFlow.cs:186:22:186:33 | object creation of type Object : Object | object creation of type Object : Object | +| ExternalFlow.cs:196:18:196:40 | call to method MixedFlowArgs | ExternalFlow.cs:195:22:195:33 | object creation of type Object : Object | ExternalFlow.cs:196:18:196:40 | call to method MixedFlowArgs | $@ | ExternalFlow.cs:195:22:195:33 | object creation of type Object : Object | object creation of type Object : Object | diff --git a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.ql b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.ql index 56605f49d11..316cd8ef0b7 100644 --- a/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.ql +++ b/csharp/ql/test/library-tests/dataflow/external-models/ExternalFlow.ql @@ -30,7 +30,12 @@ class SummaryModelTest extends SummaryModelCsv { "My.Qltest;D;false;Map<,>;(S[],System.Func);;Argument[1].ReturnValue;ReturnValue.Element;value", "My.Qltest;D;false;Parse;(System.String,System.Int32);;Argument[0];Argument[1];taint", "My.Qltest;E;true;get_MyProp;();;Argument[Qualifier].Field[My.Qltest.E.MyField];ReturnValue;value", - "My.Qltest;E;true;set_MyProp;(System.Object);;Argument[0];Argument[Qualifier].Field[My.Qltest.E.MyField];value" + "My.Qltest;E;true;set_MyProp;(System.Object);;Argument[0];Argument[Qualifier].Field[My.Qltest.E.MyField];value", + "My.Qltest;G;false;GeneratedFlow;(System.Object);;Argument[0];ReturnValue;generated:value", + "My.Qltest;G;false;GeneratedFlowArgs;(System.Object,System.Object);;Argument[0];ReturnValue;generated:value", + "My.Qltest;G;false;GeneratedFlowArgs;(System.Object,System.Object);;Argument[1];ReturnValue;generated:value", + "My.Qltest;G;false;MixedFlowArgs;(System.Object,System.Object);;Argument[0];ReturnValue;generated:value", + "My.Qltest;G;false;MixedFlowArgs;(System.Object,System.Object);;Argument[1];ReturnValue;value", ] } } diff --git a/csharp/ql/test/utils/model-generator/CaptureSinkModels.expected b/csharp/ql/test/utils/model-generator/CaptureSinkModels.expected index 5aa4f8d4ce9..63cbcbb9cc0 100644 --- a/csharp/ql/test/utils/model-generator/CaptureSinkModels.expected +++ b/csharp/ql/test/utils/model-generator/CaptureSinkModels.expected @@ -1,4 +1,4 @@ -| Sinks;NewSinks;false;WrapFieldResponseWriteFile;();;Argument[Qualifier];html | -| Sinks;NewSinks;false;WrapPropResponseWriteFile;();;Argument[Qualifier];html | -| Sinks;NewSinks;false;WrapResponseWrite;(System.Object);;Argument[0];html | -| Sinks;NewSinks;false;WrapResponseWriteFile;(System.String);;Argument[0];html | +| Sinks;NewSinks;false;WrapFieldResponseWriteFile;();;Argument[Qualifier];generated:html | +| Sinks;NewSinks;false;WrapPropResponseWriteFile;();;Argument[Qualifier];generated:html | +| Sinks;NewSinks;false;WrapResponseWrite;(System.Object);;Argument[0];generated:html | +| Sinks;NewSinks;false;WrapResponseWriteFile;(System.String);;Argument[0];generated:html | diff --git a/csharp/ql/test/utils/model-generator/CaptureSourceModels.expected b/csharp/ql/test/utils/model-generator/CaptureSourceModels.expected index 2ca472200e9..f1cbc0bb151 100644 --- a/csharp/ql/test/utils/model-generator/CaptureSourceModels.expected +++ b/csharp/ql/test/utils/model-generator/CaptureSourceModels.expected @@ -1,3 +1,3 @@ -| Sources;NewSources;false;WrapConsoleReadKey;();;ReturnValue;local | -| Sources;NewSources;false;WrapConsoleReadLine;();;ReturnValue;local | -| Sources;NewSources;false;WrapConsoleReadLineAndProcees;(System.String);;ReturnValue;local | +| Sources;NewSources;false;WrapConsoleReadKey;();;ReturnValue;generated:local | +| Sources;NewSources;false;WrapConsoleReadLine;();;ReturnValue;generated:local | +| Sources;NewSources;false;WrapConsoleReadLineAndProcees;(System.String);;ReturnValue;generated:local | diff --git a/csharp/ql/test/utils/model-generator/CaptureSummaryModels.expected b/csharp/ql/test/utils/model-generator/CaptureSummaryModels.expected index 79a1c020521..60611470e95 100644 --- a/csharp/ql/test/utils/model-generator/CaptureSummaryModels.expected +++ b/csharp/ql/test/utils/model-generator/CaptureSummaryModels.expected @@ -1,33 +1,33 @@ -| NoSummaries;PublicClassFlow;false;PublicReturn;(System.Int32);;Argument[0];ReturnValue;taint | -| Summaries;BaseClassFlow;true;ReturnParam;(System.Int32);;Argument[0];ReturnValue;taint | -| Summaries;BasicFlow;false;ReturnField;();;Argument[Qualifier];ReturnValue;taint | -| Summaries;BasicFlow;false;ReturnParam0;(System.String,System.Object);;Argument[0];ReturnValue;taint | -| Summaries;BasicFlow;false;ReturnParam1;(System.String,System.Object);;Argument[1];ReturnValue;taint | -| Summaries;BasicFlow;false;ReturnParamMultiple;(System.Object,System.Object);;Argument[0];ReturnValue;taint | -| Summaries;BasicFlow;false;ReturnParamMultiple;(System.Object,System.Object);;Argument[1];ReturnValue;taint | -| Summaries;BasicFlow;false;ReturnSubstring;(System.String);;Argument[0];ReturnValue;taint | -| Summaries;BasicFlow;false;ReturnThis;(System.Object);;Argument[Qualifier];ReturnValue;value | -| Summaries;BasicFlow;false;SetField;(System.String);;Argument[0];Argument[Qualifier];taint | -| Summaries;CollectionFlow;false;AddFieldToList;(System.Collections.Generic.List);;Argument[Qualifier];Argument[0].Element;taint | -| Summaries;CollectionFlow;false;AddToList;(System.Collections.Generic.List,System.Object);;Argument[1];Argument[0].Element;taint | -| Summaries;CollectionFlow;false;AssignFieldToArray;(System.Object[]);;Argument[Qualifier];Argument[0].Element;taint | -| Summaries;CollectionFlow;false;AssignToArray;(System.Int32,System.Int32[]);;Argument[0];Argument[1].Element;taint | -| Summaries;CollectionFlow;false;ReturnArrayElement;(System.Int32[]);;Argument[0].Element;ReturnValue;taint | -| Summaries;CollectionFlow;false;ReturnFieldInAList;();;Argument[Qualifier];ReturnValue;taint | -| Summaries;CollectionFlow;false;ReturnListElement;(System.Collections.Generic.List);;Argument[0].Element;ReturnValue;taint | -| Summaries;DerivedClass1Flow;false;ReturnParam1;(System.Int32,System.Int32);;Argument[1];ReturnValue;taint | -| Summaries;DerivedClass2Flow;false;ReturnParam0;(System.Int32,System.Int32);;Argument[0];ReturnValue;taint | -| Summaries;DerivedClass2Flow;false;ReturnParam;(System.Int32);;Argument[0];ReturnValue;taint | -| Summaries;EqualsGetHashCodeNoFlow;false;Equals;(System.Int32);;Argument[0];ReturnValue;taint | -| Summaries;GenericFlow<>;false;AddFieldToGenericList;(System.Collections.Generic.List);;Argument[Qualifier];Argument[0].Element;taint | -| Summaries;GenericFlow<>;false;AddToGenericList<>;(System.Collections.Generic.List,S);;Argument[1];Argument[0].Element;taint | -| Summaries;GenericFlow<>;false;ReturnFieldInGenericList;();;Argument[Qualifier];ReturnValue;taint | -| Summaries;GenericFlow<>;false;ReturnGenericElement<>;(System.Collections.Generic.List);;Argument[0].Element;ReturnValue;taint | -| Summaries;GenericFlow<>;false;ReturnGenericField;();;Argument[Qualifier];ReturnValue;taint | -| Summaries;GenericFlow<>;false;ReturnGenericParam<>;(S);;Argument[0];ReturnValue;taint | -| Summaries;GenericFlow<>;false;SetGenericField;(T);;Argument[0];Argument[Qualifier];taint | -| Summaries;IEnumerableFlow;false;ReturnFieldInIEnumerable;();;Argument[Qualifier];ReturnValue;taint | -| Summaries;IEnumerableFlow;false;ReturnIEnumerable;(System.Collections.Generic.IEnumerable);;Argument[0].Element;ReturnValue;taint | -| Summaries;IEnumerableFlow;false;ReturnIEnumerableElement;(System.Collections.Generic.IEnumerable);;Argument[0].Element;ReturnValue;taint | -| Summaries;OperatorFlow;false;OperatorFlow;(System.Object);;Argument[0];Argument[Qualifier];taint | -| Summaries;OperatorFlow;false;op_Addition;(Summaries.OperatorFlow,Summaries.OperatorFlow);;Argument[0];ReturnValue;taint | +| NoSummaries;PublicClassFlow;false;PublicReturn;(System.Int32);;Argument[0];ReturnValue;generated:taint | +| Summaries;BaseClassFlow;true;ReturnParam;(System.Int32);;Argument[0];ReturnValue;generated:taint | +| Summaries;BasicFlow;false;ReturnField;();;Argument[Qualifier];ReturnValue;generated:taint | +| Summaries;BasicFlow;false;ReturnParam0;(System.String,System.Object);;Argument[0];ReturnValue;generated:taint | +| Summaries;BasicFlow;false;ReturnParam1;(System.String,System.Object);;Argument[1];ReturnValue;generated:taint | +| Summaries;BasicFlow;false;ReturnParamMultiple;(System.Object,System.Object);;Argument[0];ReturnValue;generated:taint | +| Summaries;BasicFlow;false;ReturnParamMultiple;(System.Object,System.Object);;Argument[1];ReturnValue;generated:taint | +| Summaries;BasicFlow;false;ReturnSubstring;(System.String);;Argument[0];ReturnValue;generated:taint | +| Summaries;BasicFlow;false;ReturnThis;(System.Object);;Argument[Qualifier];ReturnValue;generated:value | +| Summaries;BasicFlow;false;SetField;(System.String);;Argument[0];Argument[Qualifier];generated:taint | +| Summaries;CollectionFlow;false;AddFieldToList;(System.Collections.Generic.List);;Argument[Qualifier];Argument[0].Element;generated:taint | +| Summaries;CollectionFlow;false;AddToList;(System.Collections.Generic.List,System.Object);;Argument[1];Argument[0].Element;generated:taint | +| Summaries;CollectionFlow;false;AssignFieldToArray;(System.Object[]);;Argument[Qualifier];Argument[0].Element;generated:taint | +| Summaries;CollectionFlow;false;AssignToArray;(System.Int32,System.Int32[]);;Argument[0];Argument[1].Element;generated:taint | +| Summaries;CollectionFlow;false;ReturnArrayElement;(System.Int32[]);;Argument[0].Element;ReturnValue;generated:taint | +| Summaries;CollectionFlow;false;ReturnFieldInAList;();;Argument[Qualifier];ReturnValue;generated:taint | +| Summaries;CollectionFlow;false;ReturnListElement;(System.Collections.Generic.List);;Argument[0].Element;ReturnValue;generated:taint | +| Summaries;DerivedClass1Flow;false;ReturnParam1;(System.Int32,System.Int32);;Argument[1];ReturnValue;generated:taint | +| Summaries;DerivedClass2Flow;false;ReturnParam0;(System.Int32,System.Int32);;Argument[0];ReturnValue;generated:taint | +| Summaries;DerivedClass2Flow;false;ReturnParam;(System.Int32);;Argument[0];ReturnValue;generated:taint | +| Summaries;EqualsGetHashCodeNoFlow;false;Equals;(System.Int32);;Argument[0];ReturnValue;generated:taint | +| Summaries;GenericFlow<>;false;AddFieldToGenericList;(System.Collections.Generic.List);;Argument[Qualifier];Argument[0].Element;generated:taint | +| Summaries;GenericFlow<>;false;AddToGenericList<>;(System.Collections.Generic.List,S);;Argument[1];Argument[0].Element;generated:taint | +| Summaries;GenericFlow<>;false;ReturnFieldInGenericList;();;Argument[Qualifier];ReturnValue;generated:taint | +| Summaries;GenericFlow<>;false;ReturnGenericElement<>;(System.Collections.Generic.List);;Argument[0].Element;ReturnValue;generated:taint | +| Summaries;GenericFlow<>;false;ReturnGenericField;();;Argument[Qualifier];ReturnValue;generated:taint | +| Summaries;GenericFlow<>;false;ReturnGenericParam<>;(S);;Argument[0];ReturnValue;generated:taint | +| Summaries;GenericFlow<>;false;SetGenericField;(T);;Argument[0];Argument[Qualifier];generated:taint | +| Summaries;IEnumerableFlow;false;ReturnFieldInIEnumerable;();;Argument[Qualifier];ReturnValue;generated:taint | +| Summaries;IEnumerableFlow;false;ReturnIEnumerable;(System.Collections.Generic.IEnumerable);;Argument[0].Element;ReturnValue;generated:taint | +| Summaries;IEnumerableFlow;false;ReturnIEnumerableElement;(System.Collections.Generic.IEnumerable);;Argument[0].Element;ReturnValue;generated:taint | +| Summaries;OperatorFlow;false;OperatorFlow;(System.Object);;Argument[0];Argument[Qualifier];generated:taint | +| Summaries;OperatorFlow;false;op_Addition;(Summaries.OperatorFlow,Summaries.OperatorFlow);;Argument[0];ReturnValue;generated:taint | diff --git a/defs.bzl b/defs.bzl new file mode 100644 index 00000000000..d6748d83176 --- /dev/null +++ b/defs.bzl @@ -0,0 +1,5 @@ +codeql_platform = select({ + "@platforms//os:linux": "linux64", + "@platforms//os:macos": "osx64", + "@platforms//os:windows": "win64", +}) diff --git a/docs/codeql/ql-language-reference/formulas.rst b/docs/codeql/ql-language-reference/formulas.rst index b92ca96142c..cdc8c297b7d 100644 --- a/docs/codeql/ql-language-reference/formulas.rst +++ b/docs/codeql/ql-language-reference/formulas.rst @@ -100,12 +100,12 @@ As a consequence, ``A != B`` has a very different meaning to the :ref:`negation - ``1 = [1 .. 2]`` holds, because ``1 = 1``. - ``not 1 = [1 .. 2]`` doesn't hold, because there is a common value (``1``). -#. Compare ``1`` and ``none()`` (the "empty set"): - - ``1 != none()`` doesn't hold, because there are no values in ``none()``, so no values +#. Compare ``1`` and ``int empty() { none() }`` (a predicate defining the empty set of integers): + - ``1 != empty()`` doesn't hold, because there are no values in ``empty()``, so no values that are not equal to ``1``. - - ``1 = none()`` also doesn't hold, because there are no values in ``none()``, so no values + - ``1 = empty()`` also doesn't hold, because there are no values in ``empty()``, so no values that are equal to ``1``. - - ``not 1 = none()`` holds, because there are no common values. + - ``not 1 = empty()`` holds, because there are no common values. .. index:: instanceof .. _type-checks: @@ -295,9 +295,48 @@ necessary, since they highlight the default precedence. You usually only add par override the default precedence, but you can also add them to make your code easier to read (even if they aren't required). +QL also has two nullary connectives indicating the always true formula, +``any()``, and the always false formula, ``none()``. + The logical connectives in QL work similarly to Boolean connectives in other programming languages. Here is a brief overview: +.. index:: any, true +.. _true: + +``any()`` +========= + +The built-in predicate ``any()`` is a formula that always holds. + +**Example** + +The following predicate defines the set of all expressions. + +.. code-block:: ql + + Expr allExpressions() { + any() + } + +.. index:: none, false +.. _false: + +``none()`` +========== + +The built-in predicate ``none()`` is a formula that never holds. + +**Example** + +The following predicate defines the empty set of integers. + +.. code-block:: ql + + int emptySet() { + none() + } + .. index:: not, negation .. _negation: diff --git a/docs/codeql/ql-language-reference/types.rst b/docs/codeql/ql-language-reference/types.rst index 7bf0efdbf73..db9a6a4cc52 100644 --- a/docs/codeql/ql-language-reference/types.rst +++ b/docs/codeql/ql-language-reference/types.rst @@ -387,26 +387,26 @@ from ``OneTwoThree`` and ``int``. Non-extending subtypes ====================== -Besides extending base types, classes can also declare `instanceof` relationships with other types. -Declaring a class as `instanceof Foo` is roughly equivalent to saying `this instanceof Foo` in the characteristic predicate. -The main differences are that you can call methods on Bar via `super` and you can get better optimisation. +Besides extending base types, classes can also declare ``instanceof`` relationships with other types. +Declaring a class as ``instanceof Foo`` is roughly equivalent to saying ``this instanceof Foo`` in the characteristic predicate. +The main differences are that you can call methods on ``Bar`` via ``super`` and you can get better optimisation. .. code-block:: ql class Foo extends int { Foo() { this in [1 .. 10] } - string foo_method() { result = "foo" } + string fooMethod() { result = "foo" } } class Bar instanceof Foo { - string toString() { result = super.foo_method() } + string toString() { result = super.fooMethod() } } -In this example, the characteristic predicate from `Foo` also applies to `Bar`. -However, `foo_method` is not exposed in `Bar`, so the query `select any(Bar b).foo_method()` +In this example, the characteristic predicate from ``Foo`` also applies to ``Bar``. +However, ``fooMethod`` is not exposed in ``Bar``, so the query ``select any(Bar b).fooMethod()`` results in a compile time error. Note from the example that it is still possible to access -methods from instanceof supertypes from within the specialising class with the `super` keyword. +methods from instanceof supertypes from within the specialising class with the ``super`` keyword. Crucially, the instanceof **supertypes** are not **base types**. This means that these supertypes do not participate in overriding, and any fields of such @@ -430,10 +430,10 @@ The following example demonstrates this. override string foo() { result = "bar" } } -Here, the method `Bar::foo` does not override `Foo::foo`. -Instead, it overrides only `Interface::foo`. -This means that `select any(Foo f).foo()` yields only `foo`. -Had `Bar` been defined as `extends Foo`, then `select any(Foo b)` would yield `bar`. +Here, the method ``Bar::foo`` does not override ``Foo::foo``. +Instead, it overrides only ``Interface::foo``. +This means that ``select any(Foo f).foo()`` yields ``foo``. +Had ``Bar`` been defined as ``extends Foo``, then ``select any(Foo f).foo()`` would yield ``bar``. .. _character-types: .. _domain-types: diff --git a/java/ql/lib/CHANGELOG.md b/java/ql/lib/CHANGELOG.md index db971f8c7dd..5f54907420e 100644 --- a/java/ql/lib/CHANGELOG.md +++ b/java/ql/lib/CHANGELOG.md @@ -1,3 +1,28 @@ +## 0.0.13 + +## 0.0.12 + +### Breaking Changes + +* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. + +### Deprecated APIs + +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### New Features + +* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. + +### Minor Analysis Improvements + + * Added new guards `IsWindowsGuard`, `IsSpecificWindowsVariant`, `IsUnixGuard`, and `IsSpecificUnixVariant` to detect OS specific guards. + * Added a new predicate `getSystemProperty` that gets all expressions that retrieve system properties from a variety of sources (eg. alternative JDK API's, Google Guava, Apache Commons, Apache IO, etc.). + * Added support for detection of SSRF via JDBC database URLs, including connections made using the standard library (`java.sql`), Hikari Connection Pool, JDBI and Spring JDBC. + * Re-removed support for `CharacterLiteral` from `CompileTimeConstantExpr.getStringValue()` to restore the convention that that predicate only applies to `String`-typed constants. +* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. + ## 0.0.11 ### New Features diff --git a/java/ql/lib/change-notes/2022-02-07-deleted-deprecations.md b/java/ql/lib/change-notes/2022-02-07-deleted-deprecations.md deleted file mode 100644 index e8da1e8e158..00000000000 --- a/java/ql/lib/change-notes/2022-02-07-deleted-deprecations.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. \ No newline at end of file diff --git a/java/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md b/java/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md deleted file mode 100644 index a79f286aacd..00000000000 --- a/java/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: deprecated ---- -* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. - The old name still exists as a deprecated alias. \ No newline at end of file diff --git a/java/ql/lib/change-notes/2022-03-11-revert-8325.md b/java/ql/lib/change-notes/2022-03-11-revert-8325.md deleted file mode 100644 index d38d6327819..00000000000 --- a/java/ql/lib/change-notes/2022-03-11-revert-8325.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- - * Re-removed support for `CharacterLiteral` from `CompileTimeConstantExpr.getStringValue()` to restore the convention that that predicate only applies to `String`-typed constants. diff --git a/java/ql/lib/change-notes/2022-03-14-flow-state-barriers.md b/java/ql/lib/change-notes/2022-03-14-flow-state-barriers.md deleted file mode 100644 index af6247a66fa..00000000000 --- a/java/ql/lib/change-notes/2022-03-14-flow-state-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. diff --git a/java/ql/lib/change-notes/2022-03-14-new-jdbc-ssrf-sinks.md b/java/ql/lib/change-notes/2022-03-14-new-jdbc-ssrf-sinks.md deleted file mode 100644 index c154b12cfad..00000000000 --- a/java/ql/lib/change-notes/2022-03-14-new-jdbc-ssrf-sinks.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- - * Added support for detection of SSRF via JDBC database URLs, including connections made using the standard library (`java.sql`), Hikari Connection Pool, JDBI and Spring JDBC. diff --git a/java/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md b/java/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md deleted file mode 100644 index 3481d507db3..00000000000 --- a/java/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: breaking ---- -* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. diff --git a/java/ql/lib/change-notes/2022-04-06-getUrl-deprecation.md b/java/ql/lib/change-notes/2022-04-06-getUrl-deprecation.md new file mode 100644 index 00000000000..17c434f6306 --- /dev/null +++ b/java/ql/lib/change-notes/2022-04-06-getUrl-deprecation.md @@ -0,0 +1,4 @@ +--- +category: breaking +--- +* The `getUrl` predicate of `DeclaredRepository` in `MavenPom.qll` has been renamed to `getRepositoryUrl`. diff --git a/java/ql/lib/change-notes/released/0.0.12.md b/java/ql/lib/change-notes/released/0.0.12.md new file mode 100644 index 00000000000..50055f80d3f --- /dev/null +++ b/java/ql/lib/change-notes/released/0.0.12.md @@ -0,0 +1,22 @@ +## 0.0.12 + +### Breaking Changes + +* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. + +### Deprecated APIs + +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### New Features + +* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. + +### Minor Analysis Improvements + + * Added new guards `IsWindowsGuard`, `IsSpecificWindowsVariant`, `IsUnixGuard`, and `IsSpecificUnixVariant` to detect OS specific guards. + * Added a new predicate `getSystemProperty` that gets all expressions that retrieve system properties from a variety of sources (eg. alternative JDK API's, Google Guava, Apache Commons, Apache IO, etc.). + * Added support for detection of SSRF via JDBC database URLs, including connections made using the standard library (`java.sql`), Hikari Connection Pool, JDBI and Spring JDBC. + * Re-removed support for `CharacterLiteral` from `CompileTimeConstantExpr.getStringValue()` to restore the convention that that predicate only applies to `String`-typed constants. +* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. diff --git a/java/ql/lib/change-notes/released/0.0.13.md b/java/ql/lib/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..30ff8ab8dd0 --- /dev/null +++ b/java/ql/lib/change-notes/released/0.0.13.md @@ -0,0 +1 @@ +## 0.0.13 diff --git a/java/ql/lib/codeql-pack.release.yml b/java/ql/lib/codeql-pack.release.yml index e679dc42092..044e54e4f7e 100644 --- a/java/ql/lib/codeql-pack.release.yml +++ b/java/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.11 +lastReleaseVersion: 0.0.13 diff --git a/java/ql/lib/qlpack.yml b/java/ql/lib/qlpack.yml index 41d541a67fb..ce82907054a 100644 --- a/java/ql/lib/qlpack.yml +++ b/java/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-all -version: 0.0.12-dev +version: 0.1.0-dev groups: java dbscheme: config/semmlecode.dbscheme extractor: java diff --git a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll index 631c47583e6..3ea87607483 100644 --- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll +++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll @@ -404,10 +404,17 @@ private predicate summaryModel(string row) { any(SummaryModelCsv s).row(row) } +bindingset[input] +private predicate getKind(string input, string kind, boolean generated) { + input.splitAt(":", 0) = "generated" and kind = input.splitAt(":", 1) and generated = true + or + not input.matches("%:%") and kind = input and generated = false +} + /** Holds if a source model exists for the given parameters. */ predicate sourceModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string output, string kind + string output, string kind, boolean generated ) { exists(string row | sourceModel(row) and @@ -419,14 +426,14 @@ predicate sourceModel( row.splitAt(";", 4) = signature and row.splitAt(";", 5) = ext and row.splitAt(";", 6) = output and - row.splitAt(";", 7) = kind + exists(string k | row.splitAt(";", 7) = k and getKind(k, kind, generated)) ) } /** Holds if a sink model exists for the given parameters. */ predicate sinkModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string kind + string input, string kind, boolean generated ) { exists(string row | sinkModel(row) and @@ -438,22 +445,22 @@ predicate sinkModel( row.splitAt(";", 4) = signature and row.splitAt(";", 5) = ext and row.splitAt(";", 6) = input and - row.splitAt(";", 7) = kind + exists(string k | row.splitAt(";", 7) = k and getKind(k, kind, generated)) ) } /** Holds if a summary model exists for the given parameters. */ predicate summaryModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string output, string kind + string input, string output, string kind, boolean generated ) { - summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, _) + summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, generated, _) } /** Holds if a summary model `row` exists for the given parameters. */ predicate summaryModel( string namespace, string type, boolean subtypes, string name, string signature, string ext, - string input, string output, string kind, string row + string input, string output, string kind, boolean generated, string row ) { summaryModel(row) and row.splitAt(";", 0) = namespace and @@ -465,13 +472,13 @@ predicate summaryModel( row.splitAt(";", 5) = ext and row.splitAt(";", 6) = input and row.splitAt(";", 7) = output and - row.splitAt(";", 8) = kind + exists(string k | row.splitAt(";", 8) = k and getKind(k, kind, generated)) } private predicate relevantPackage(string package) { - sourceModel(package, _, _, _, _, _, _, _) or - sinkModel(package, _, _, _, _, _, _, _) or - summaryModel(package, _, _, _, _, _, _, _, _) + sourceModel(package, _, _, _, _, _, _, _, _) or + sinkModel(package, _, _, _, _, _, _, _, _) or + summaryModel(package, _, _, _, _, _, _, _, _, _, _) } private predicate packageLink(string shortpkg, string longpkg) { @@ -499,25 +506,25 @@ predicate modelCoverage(string package, int pkgs, string kind, string part, int part = "source" and n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, - string ext, string output | + string ext, string output, boolean generated | canonicalPkgLink(package, subpkg) and - sourceModel(subpkg, type, subtypes, name, signature, ext, output, kind) + sourceModel(subpkg, type, subtypes, name, signature, ext, output, kind, generated) ) or part = "sink" and n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, - string ext, string input | + string ext, string input, boolean generated | canonicalPkgLink(package, subpkg) and - sinkModel(subpkg, type, subtypes, name, signature, ext, input, kind) + sinkModel(subpkg, type, subtypes, name, signature, ext, input, kind, generated) ) or part = "summary" and n = strictcount(string subpkg, string type, boolean subtypes, string name, string signature, - string ext, string input, string output | + string ext, string input, string output, boolean generated | canonicalPkgLink(package, subpkg) and - summaryModel(subpkg, type, subtypes, name, signature, ext, input, output, kind) + summaryModel(subpkg, type, subtypes, name, signature, ext, input, output, kind, generated) ) ) } @@ -527,11 +534,11 @@ module CsvValidation { /** Holds if some row in a CSV-based flow model appears to contain typos. */ query predicate invalidModelRow(string msg) { exists(string pred, string namespace, string type, string name, string signature, string ext | - sourceModel(namespace, type, _, name, signature, ext, _, _) and pred = "source" + sourceModel(namespace, type, _, name, signature, ext, _, _, _) and pred = "source" or - sinkModel(namespace, type, _, name, signature, ext, _, _) and pred = "sink" + sinkModel(namespace, type, _, name, signature, ext, _, _, _) and pred = "sink" or - summaryModel(namespace, type, _, name, signature, ext, _, _, _) and pred = "summary" + summaryModel(namespace, type, _, name, signature, ext, _, _, _, _) and pred = "summary" | not namespace.regexpMatch("[a-zA-Z0-9_\\.]+") and msg = "Dubious namespace \"" + namespace + "\" in " + pred + " model." @@ -550,9 +557,9 @@ module CsvValidation { ) or exists(string pred, string input, string part | - sinkModel(_, _, _, _, _, _, input, _) and pred = "sink" + sinkModel(_, _, _, _, _, _, input, _, _) and pred = "sink" or - summaryModel(_, _, _, _, _, _, input, _, _) and pred = "summary" + summaryModel(_, _, _, _, _, _, input, _, _, _) and pred = "summary" | ( invalidSpecComponent(input, part) and @@ -567,9 +574,9 @@ module CsvValidation { ) or exists(string pred, string output, string part | - sourceModel(_, _, _, _, _, _, output, _) and pred = "source" + sourceModel(_, _, _, _, _, _, output, _, _) and pred = "source" or - summaryModel(_, _, _, _, _, _, _, output, _) and pred = "summary" + summaryModel(_, _, _, _, _, _, _, output, _, _) and pred = "summary" | invalidSpecComponent(output, part) and not part = "" and @@ -598,6 +605,13 @@ module CsvValidation { msg = "Invalid boolean \"" + b + "\" in " + pred + " model." ) ) + or + exists(string row, string k, string kind | summaryModel(row) | + k = row.splitAt(";", 8) and + getKind(k, kind, _) and + not kind = ["taint", "value"] and + msg = "Invalid kind \"" + kind + "\" in summary model." + ) } } @@ -605,9 +619,9 @@ pragma[nomagic] private predicate elementSpec( string namespace, string type, boolean subtypes, string name, string signature, string ext ) { - sourceModel(namespace, type, subtypes, name, signature, ext, _, _) or - sinkModel(namespace, type, subtypes, name, signature, ext, _, _) or - summaryModel(namespace, type, subtypes, name, signature, ext, _, _, _) + sourceModel(namespace, type, subtypes, name, signature, ext, _, _, _) or + sinkModel(namespace, type, subtypes, name, signature, ext, _, _, _) or + summaryModel(namespace, type, subtypes, name, signature, ext, _, _, _, _) } private string paramsStringPart(Callable c, int i) { diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll index 9800e02ccf1..bb98acf0494 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll index 9800e02ccf1..bb98acf0494 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll index 9800e02ccf1..bb98acf0494 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll index 9800e02ccf1..bb98acf0494 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll index 9800e02ccf1..bb98acf0494 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll index 9800e02ccf1..bb98acf0494 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForOnActivityResult.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForOnActivityResult.qll index 9800e02ccf1..bb98acf0494 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForOnActivityResult.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForOnActivityResult.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll index 9800e02ccf1..bb98acf0494 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImplForSerializability.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll index 2ef2d847a3b..52701d1a118 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImpl.qll @@ -806,10 +806,10 @@ module Private { module External { /** Holds if `spec` is a relevant external specification. */ private predicate relevantSpec(string spec) { - summaryElement(_, spec, _, _) or - summaryElement(_, _, spec, _) or - sourceElement(_, spec, _) or - sinkElement(_, spec, _) + summaryElement(_, spec, _, _, _) or + summaryElement(_, _, spec, _, _) or + sourceElement(_, spec, _, _) or + sinkElement(_, spec, _, _) } private class AccessPathRange extends AccessPath::Range { @@ -875,13 +875,20 @@ module Private { } private class SummarizedCallableExternal extends SummarizedCallable { - SummarizedCallableExternal() { summaryElement(this, _, _, _) } + SummarizedCallableExternal() { summaryElement(this, _, _, _, _) } + + private predicate relevantSummaryElement(AccessPath inSpec, AccessPath outSpec, string kind) { + summaryElement(this, inSpec, outSpec, kind, false) + or + summaryElement(this, inSpec, outSpec, kind, true) and + not summaryElement(this, _, _, _, false) + } override predicate propagatesFlow( SummaryComponentStack input, SummaryComponentStack output, boolean preservesValue ) { exists(AccessPath inSpec, AccessPath outSpec, string kind | - summaryElement(this, inSpec, outSpec, kind) and + this.relevantSummaryElement(inSpec, outSpec, kind) and interpretSpec(inSpec, input) and interpretSpec(outSpec, output) | @@ -910,7 +917,7 @@ module Private { private predicate sourceElementRef(InterpretNode ref, AccessPath output, string kind) { exists(SourceOrSinkElement e | - sourceElement(e, output, kind) and + sourceElement(e, output, kind, _) and if outputNeedsReference(output.getToken(0)) then e = ref.getCallTarget() else e = ref.asElement() @@ -919,7 +926,7 @@ module Private { private predicate sinkElementRef(InterpretNode ref, AccessPath input, string kind) { exists(SourceOrSinkElement e | - sinkElement(e, input, kind) and + sinkElement(e, input, kind, _) and if inputNeedsReference(input.getToken(0)) then e = ref.getCallTarget() else e = ref.asElement() diff --git a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImplSpecific.qll b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImplSpecific.qll index f4fbcf0045f..64b762a10ad 100644 --- a/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/java/ql/lib/semmle/code/java/dataflow/internal/FlowSummaryImplSpecific.qll @@ -53,13 +53,16 @@ DataFlowType getCallbackReturnType(DataFlowType t, ReturnKind rk) { /** * Holds if an external flow summary exists for `c` with input specification - * `input`, output specification `output`, and kind `kind`. + * `input`, output specification `output`, kind `kind`, and a flag `generated` + * stating whether the summary is autogenerated. */ -predicate summaryElement(DataFlowCallable c, string input, string output, string kind) { +predicate summaryElement( + DataFlowCallable c, string input, string output, string kind, boolean generated +) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind) and + summaryModel(namespace, type, subtypes, name, signature, ext, input, output, kind, generated) and c.asCallable() = interpretElement(namespace, type, subtypes, name, signature, ext) ) } @@ -112,26 +115,28 @@ class SourceOrSinkElement = Top; /** * Holds if an external source specification exists for `e` with output specification - * `output` and kind `kind`. + * `output`, kind `kind`, and a flag `generated` stating whether the source specification is + * autogenerated. */ -predicate sourceElement(SourceOrSinkElement e, string output, string kind) { +predicate sourceElement(SourceOrSinkElement e, string output, string kind, boolean generated) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - sourceModel(namespace, type, subtypes, name, signature, ext, output, kind) and + sourceModel(namespace, type, subtypes, name, signature, ext, output, kind, generated) and e = interpretElement(namespace, type, subtypes, name, signature, ext) ) } /** * Holds if an external sink specification exists for `e` with input specification - * `input` and kind `kind`. + * `input`, kind `kind` and a flag `generated` stating whether the sink specification is + * autogenerated. */ -predicate sinkElement(SourceOrSinkElement e, string input, string kind) { +predicate sinkElement(SourceOrSinkElement e, string input, string kind, boolean generated) { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - sinkModel(namespace, type, subtypes, name, signature, ext, input, kind) and + sinkModel(namespace, type, subtypes, name, signature, ext, input, kind, generated) and e = interpretElement(namespace, type, subtypes, name, signature, ext) ) } diff --git a/java/ql/lib/semmle/code/java/os/OSCheck.qll b/java/ql/lib/semmle/code/java/os/OSCheck.qll index f78086476de..d43e2015705 100644 --- a/java/ql/lib/semmle/code/java/os/OSCheck.qll +++ b/java/ql/lib/semmle/code/java/os/OSCheck.qll @@ -112,23 +112,26 @@ private predicate isOsFromApacheCommons(FieldAccess fa, string fieldNamePattern) } private class IsWindowsFromApacheCommons extends IsWindowsGuard instanceof FieldAccess { - IsWindowsFromApacheCommons() { isOsFromApacheCommons(this, "IS_OS_WINDOWS") } + IsWindowsFromApacheCommons() { isOsFromApacheCommons(this, "IS\\_OS\\_WINDOWS") } } private class IsSpecificWindowsVariantFromApacheCommons extends IsSpecificWindowsVariant instanceof FieldAccess { - IsSpecificWindowsVariantFromApacheCommons() { isOsFromApacheCommons(this, "IS_OS_WINDOWS_%") } + IsSpecificWindowsVariantFromApacheCommons() { + isOsFromApacheCommons(this, "IS\\_OS\\_WINDOWS\\_%") + } } private class IsUnixFromApacheCommons extends IsUnixGuard instanceof FieldAccess { - IsUnixFromApacheCommons() { isOsFromApacheCommons(this, "IS_OS_UNIX") } + IsUnixFromApacheCommons() { isOsFromApacheCommons(this, "IS\\_OS\\_UNIX") } } private class IsSpecificUnixVariantFromApacheCommons extends IsSpecificUnixVariant instanceof FieldAccess { IsSpecificUnixVariantFromApacheCommons() { isOsFromApacheCommons(this, [ - "IS_OS_AIX", "IS_OS_HP_UX", "IS_OS_IRIX", "IS_OS_LINUX", "IS_OS_MAC%", "IS_OS_FREE_BSD", - "IS_OS_OPEN_BSD", "IS_OS_NET_BSD", "IS_OS_SOLARIS", "IS_OS_SUN_OS", "IS_OS_ZOS" + "IS\\_OS\\_AIX", "IS\\_OS\\_HP\\_UX", "IS\\_OS\\_IRIX", "IS\\_OS\\_LINUX", "IS\\_OS\\_MAC%", + "IS\\_OS\\_FREE\\_BSD", "IS\\_OS\\_OPEN\\_BSD", "IS\\_OS\\_NET\\_BSD", "IS\\_OS\\_SOLARIS", + "IS\\_OS\\_SUN\\_OS", "IS\\_OS\\_ZOS" ]) } } diff --git a/java/ql/lib/semmle/code/java/security/CommandLineQuery.qll b/java/ql/lib/semmle/code/java/security/CommandLineQuery.qll index 80ec142f214..42768d024e8 100644 --- a/java/ql/lib/semmle/code/java/security/CommandLineQuery.qll +++ b/java/ql/lib/semmle/code/java/security/CommandLineQuery.qll @@ -11,7 +11,10 @@ import semmle.code.java.dataflow.FlowSources import semmle.code.java.security.ExternalProcess import semmle.code.java.security.CommandArguments -private class RemoteUserInputToArgumentToExecFlowConfig extends TaintTracking::Configuration { +/** + * A taint-tracking configuration for unvalidated user input that is used to run an external process. + */ +class RemoteUserInputToArgumentToExecFlowConfig extends TaintTracking::Configuration { RemoteUserInputToArgumentToExecFlowConfig() { this = "ExecCommon::RemoteUserInputToArgumentToExecFlowConfig" } diff --git a/java/ql/src/Security/CWE/CWE-089/SqlInjectionLib.qll b/java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll similarity index 71% rename from java/ql/src/Security/CWE/CWE-089/SqlInjectionLib.qll rename to java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll index febee9bcef9..33a80455db0 100644 --- a/java/ql/src/Security/CWE/CWE-089/SqlInjectionLib.qll +++ b/java/ql/lib/semmle/code/java/security/SqlInjectionQuery.qll @@ -1,10 +1,19 @@ -/** Definitions used by the queries for database query injection. */ +/** + * Provides taint tracking and dataflow configurations to be used in Sql injection queries. + * + * Do not import this from a library file, in order to reduce the risk of + * unintentionally bringing a TaintTracking::Configuration into scope in an unrelated + * query. + */ import java import semmle.code.java.dataflow.FlowSources import semmle.code.java.security.QueryInjection -private class QueryInjectionFlowConfig extends TaintTracking::Configuration { +/** + * A taint-tracking configuration for unvalidated user input that is used in SQL queries. + */ +class QueryInjectionFlowConfig extends TaintTracking::Configuration { QueryInjectionFlowConfig() { this = "SqlInjectionLib::QueryInjectionFlowConfig" } override predicate isSource(DataFlow::Node src) { src instanceof RemoteFlowSource } diff --git a/java/ql/lib/semmle/code/xml/MavenPom.qll b/java/ql/lib/semmle/code/xml/MavenPom.qll index 3855ccc74e5..9fb4f22eafb 100644 --- a/java/ql/lib/semmle/code/xml/MavenPom.qll +++ b/java/ql/lib/semmle/code/xml/MavenPom.qll @@ -380,7 +380,7 @@ class DeclaredRepository extends PomElement { * Gets the url for this repository. If the `url` tag is present, this will * be the string contents of that tag. */ - string getUrl() { result = this.getAChild("url").(PomElement).getValue() } + string getRepositoryUrl() { result = this.getAChild("url").(PomElement).getValue() } } /** diff --git a/java/ql/src/CHANGELOG.md b/java/ql/src/CHANGELOG.md index b2887d972db..900657a3e0d 100644 --- a/java/ql/src/CHANGELOG.md +++ b/java/ql/src/CHANGELOG.md @@ -1,3 +1,15 @@ +## 0.0.13 + +## 0.0.12 + +### New Queries + +* The query "Insertion of sensitive information into log files" (`java/sensitive-logging`) has been promoted from experimental to the main query pack. This query was originally [submitted as an experimental query by @luchua-bc](https://github.com/github/codeql/pull/3090). + +### Minor Analysis Improvements + + * Updated "Local information disclosure in a temporary directory" (`java/local-temp-file-or-directory-information-disclosure`) to remove false-positives when OS is properly used as logical guard. + ## 0.0.11 ## 0.0.10 diff --git a/java/ql/src/Security/CWE/CWE-089/SqlTainted.ql b/java/ql/src/Security/CWE/CWE-089/SqlTainted.ql index 28b09d37dbb..50dfe9d725a 100644 --- a/java/ql/src/Security/CWE/CWE-089/SqlTainted.ql +++ b/java/ql/src/Security/CWE/CWE-089/SqlTainted.ql @@ -14,7 +14,7 @@ import java import semmle.code.java.dataflow.FlowSources -import SqlInjectionLib +import semmle.code.java.security.SqlInjectionQuery import DataFlow::PathGraph from QueryInjectionSink query, DataFlow::PathNode source, DataFlow::PathNode sink diff --git a/java/ql/src/Security/CWE/CWE-089/SqlTaintedLocal.ql b/java/ql/src/Security/CWE/CWE-089/SqlTaintedLocal.ql index df5807f3f5f..acd4f9d8df5 100644 --- a/java/ql/src/Security/CWE/CWE-089/SqlTaintedLocal.ql +++ b/java/ql/src/Security/CWE/CWE-089/SqlTaintedLocal.ql @@ -14,7 +14,7 @@ import semmle.code.java.Expr import semmle.code.java.dataflow.FlowSources -import SqlInjectionLib +import semmle.code.java.security.SqlInjectionQuery import DataFlow::PathGraph class LocalUserInputToQueryInjectionFlowConfig extends TaintTracking::Configuration { diff --git a/java/ql/src/Security/CWE/CWE-089/SqlUnescaped.ql b/java/ql/src/Security/CWE/CWE-089/SqlUnescaped.ql index e9e6cba3770..d73754e6202 100644 --- a/java/ql/src/Security/CWE/CWE-089/SqlUnescaped.ql +++ b/java/ql/src/Security/CWE/CWE-089/SqlUnescaped.ql @@ -14,7 +14,7 @@ import java import semmle.code.java.security.SqlUnescapedLib -import SqlInjectionLib +import semmle.code.java.security.SqlInjectionQuery class UncontrolledStringBuilderSource extends DataFlow::ExprNode { UncontrolledStringBuilderSource() { diff --git a/java/ql/src/Security/CWE/CWE-1104/MavenPomDependsOnBintray.ql b/java/ql/src/Security/CWE/CWE-1104/MavenPomDependsOnBintray.ql index 84d9ba734e2..cfa36f5a582 100644 --- a/java/ql/src/Security/CWE/CWE-1104/MavenPomDependsOnBintray.ql +++ b/java/ql/src/Security/CWE/CWE-1104/MavenPomDependsOnBintray.ql @@ -14,10 +14,10 @@ import java import semmle.code.xml.MavenPom predicate isBintrayRepositoryUsage(DeclaredRepository repository) { - repository.getUrl().matches("%.bintray.com%") + repository.getRepositoryUrl().matches("%.bintray.com%") } from DeclaredRepository repository where isBintrayRepositoryUsage(repository) select repository, - "Downloading or uploading artifacts to deprecated repository " + repository.getUrl() + "Downloading or uploading artifacts to deprecated repository " + repository.getRepositoryUrl() diff --git a/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql b/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql index e4a4786a09a..01d60f1062e 100644 --- a/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql +++ b/java/ql/src/Security/CWE/CWE-200/TempDirLocalInformationDisclosure.ql @@ -105,23 +105,21 @@ private class FileCreateTempFileSink extends FileCreationSink { } /** - * A guard that holds when the program is definitely running under some version of Windows. + * A sanitizer that holds when the program is definitely running under some version of Windows. */ -abstract private class WindowsOsBarrierGuard extends DataFlow::BarrierGuard { } +abstract private class WindowsOsSanitizer extends DataFlow::Node { } -private class IsNotUnixBarrierGuard extends WindowsOsBarrierGuard instanceof IsUnixGuard { - override predicate checks(Expr e, boolean branch) { - this.controls(e.getBasicBlock(), branch.booleanNot()) - } +private class IsNotUnixSanitizer extends WindowsOsSanitizer { + IsNotUnixSanitizer() { any(IsUnixGuard guard).controls(this.asExpr().getBasicBlock(), false) } } -private class IsWindowsBarrierGuard extends WindowsOsBarrierGuard instanceof IsWindowsGuard { - override predicate checks(Expr e, boolean branch) { this.controls(e.getBasicBlock(), branch) } +private class IsWindowsSanitizer extends WindowsOsSanitizer { + IsWindowsSanitizer() { any(IsWindowsGuard guard).controls(this.asExpr().getBasicBlock(), true) } } -private class IsSpecificWindowsBarrierGuard extends WindowsOsBarrierGuard instanceof IsSpecificWindowsVariant { - override predicate checks(Expr e, boolean branch) { - branch = true and this.controls(e.getBasicBlock(), branch) +private class IsSpecificWindowsSanitizer extends WindowsOsSanitizer { + IsSpecificWindowsSanitizer() { + any(IsSpecificWindowsVariant guard).controls(this.asExpr().getBasicBlock(), true) } } @@ -155,10 +153,8 @@ private class TempDirSystemGetPropertyToCreateConfig extends TaintTracking::Conf exists(FilesSanitizingCreationMethodAccess sanitisingMethodAccess | sanitizer.asExpr() = sanitisingMethodAccess.getArgument(0) ) - } - - override predicate isSanitizerGuard(DataFlow::BarrierGuard guard) { - guard instanceof WindowsOsBarrierGuard + or + sanitizer instanceof WindowsOsSanitizer } } diff --git a/java/ql/src/Security/CWE/CWE-200/TempDirUtils.qll b/java/ql/src/Security/CWE/CWE-200/TempDirUtils.qll index a2ee4fc13d1..1984f16a58c 100644 --- a/java/ql/src/Security/CWE/CWE-200/TempDirUtils.qll +++ b/java/ql/src/Security/CWE/CWE-200/TempDirUtils.qll @@ -58,7 +58,6 @@ private predicate isTaintPropagatingFileTransformation(Expr expSource, Expr expr * For example, `taintedFile.getCanonicalFile()` is itself tainted. */ predicate isAdditionalFileTaintStep(DataFlow::Node node1, DataFlow::Node node2) { - isFileConstructorArgument(node1.asExpr(), node2.asExpr(), _) or isTaintPropagatingFileTransformation(node1.asExpr(), node2.asExpr()) } diff --git a/java/ql/src/Security/CWE/CWE-829/InsecureDependencyResolution.ql b/java/ql/src/Security/CWE/CWE-829/InsecureDependencyResolution.ql index 0123354572d..ede03c50b00 100644 --- a/java/ql/src/Security/CWE/CWE-829/InsecureDependencyResolution.ql +++ b/java/ql/src/Security/CWE/CWE-829/InsecureDependencyResolution.ql @@ -17,11 +17,11 @@ import java import semmle.code.xml.MavenPom predicate isInsecureRepositoryUsage(DeclaredRepository repository) { - repository.getUrl().regexpMatch("(?i)^(http|ftp)://(?!localhost[:/]).*") + repository.getRepositoryUrl().regexpMatch("(?i)^(http|ftp)://(?!localhost[:/]).*") } from DeclaredRepository repository where isInsecureRepositoryUsage(repository) select repository, "Downloading or uploading artifacts over insecure protocol (eg. http or ftp) to/from repository " + - repository.getUrl() + repository.getRepositoryUrl() diff --git a/java/ql/src/change-notes/2022-02-14-os-guards.md b/java/ql/src/change-notes/2022-02-14-os-guards.md deleted file mode 100644 index a3a24edb916..00000000000 --- a/java/ql/src/change-notes/2022-02-14-os-guards.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -category: minorAnalysis ---- - * Added new guards `IsWindowsGuard`, `IsSpecificWindowsVariant`, `IsUnixGuard`, and `IsSpecificUnixVariant` to detect OS specific guards. - * Added a new predicate `getSystemProperty` that gets all expressions that retrieve system properties from a variety of sources (eg. alternative JDK API's, Google Guava, Apache Commons, Apache IO, etc..). - * Updated "Local information disclosure in a temporary directory" (`java/local-temp-file-or-directory-information-disclosure`) to remove false-positives when OS is properly used as logical guard. - diff --git a/java/ql/src/change-notes/2022-03-11-sensitive-logging.md b/java/ql/src/change-notes/2022-03-11-sensitive-logging.md deleted file mode 100644 index cfc4693b1cb..00000000000 --- a/java/ql/src/change-notes/2022-03-11-sensitive-logging.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* The query "Insertion of sensitive information into log files" (`java/sensitive-logging`) has been promoted from experimental to the main query pack. This query was originally [submitted as an experimental query by @luchua-bc](https://github.com/github/codeql/pull/3090). \ No newline at end of file diff --git a/java/ql/src/change-notes/2022-04-06-local-temp-file-or-directory-bugfix.md b/java/ql/src/change-notes/2022-04-06-local-temp-file-or-directory-bugfix.md new file mode 100644 index 00000000000..52cb8c5fc63 --- /dev/null +++ b/java/ql/src/change-notes/2022-04-06-local-temp-file-or-directory-bugfix.md @@ -0,0 +1,4 @@ +--- +category: minorAnalysis +--- + * Fixed "Local information disclosure in a temporary directory" (`java/local-temp-file-or-directory-information-disclosure`) to resolve false-negatives when OS isn't properly used as logical guard. diff --git a/java/ql/src/change-notes/released/0.0.12.md b/java/ql/src/change-notes/released/0.0.12.md new file mode 100644 index 00000000000..6332ffc2b45 --- /dev/null +++ b/java/ql/src/change-notes/released/0.0.12.md @@ -0,0 +1,9 @@ +## 0.0.12 + +### New Queries + +* The query "Insertion of sensitive information into log files" (`java/sensitive-logging`) has been promoted from experimental to the main query pack. This query was originally [submitted as an experimental query by @luchua-bc](https://github.com/github/codeql/pull/3090). + +### Minor Analysis Improvements + + * Updated "Local information disclosure in a temporary directory" (`java/local-temp-file-or-directory-information-disclosure`) to remove false-positives when OS is properly used as logical guard. diff --git a/java/ql/src/change-notes/released/0.0.13.md b/java/ql/src/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..30ff8ab8dd0 --- /dev/null +++ b/java/ql/src/change-notes/released/0.0.13.md @@ -0,0 +1 @@ +## 0.0.13 diff --git a/java/ql/src/codeql-pack.release.yml b/java/ql/src/codeql-pack.release.yml index e679dc42092..044e54e4f7e 100644 --- a/java/ql/src/codeql-pack.release.yml +++ b/java/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.11 +lastReleaseVersion: 0.0.13 diff --git a/java/ql/src/qlpack.yml b/java/ql/src/qlpack.yml index b27efa16aca..d6a09bd85e1 100644 --- a/java/ql/src/qlpack.yml +++ b/java/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/java-queries -version: 0.0.12-dev +version: 0.1.0-dev groups: - java - queries diff --git a/java/ql/src/utils/flowtestcasegenerator/FlowTestCase.qll b/java/ql/src/utils/flowtestcasegenerator/FlowTestCase.qll index 4d12f91c812..03d67082098 100644 --- a/java/ql/src/utils/flowtestcasegenerator/FlowTestCase.qll +++ b/java/ql/src/utils/flowtestcasegenerator/FlowTestCase.qll @@ -41,7 +41,7 @@ private class CallableToTest extends Callable { exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - summaryModel(namespace, type, subtypes, name, signature, ext, _, _, _) and + summaryModel(namespace, type, subtypes, name, signature, ext, _, _, _, _) and this = interpretElement(namespace, type, subtypes, name, signature, ext) and this.isPublic() and getRootType(this.getDeclaringType()).(RefType).isPublic() @@ -64,7 +64,8 @@ private newtype TTestCase = string inputSpec, string outputSpec | any(TargetSummaryModelCsv tsmc).row(row) and - summaryModel(namespace, type, subtypes, name, signature, ext, inputSpec, outputSpec, kind, row) and + summaryModel(namespace, type, subtypes, name, signature, ext, inputSpec, outputSpec, kind, + false, row) and callable = interpretElement(namespace, type, subtypes, name, signature, ext) and Private::External::interpretSpec(inputSpec, input) and Private::External::interpretSpec(outputSpec, output) diff --git a/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.qll b/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.qll index db87582473d..9eb925be422 100644 --- a/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.qll +++ b/java/ql/src/utils/flowtestcasegenerator/GenerateFlowTestCase.qll @@ -21,25 +21,25 @@ query string getAParseFailure(string reason) { any(TargetSummaryModelCsv target).row(result) and any(SummaryModelCsv model).row(result) and ( - not summaryModel(_, _, _, _, _, _, _, _, _, result) and + not summaryModel(_, _, _, _, _, _, _, _, _, _, result) and reason = "row could not be parsed" or exists( string namespace, string type, boolean subtypes, string name, string signature, string ext | - summaryModel(namespace, type, subtypes, name, signature, ext, _, _, _, result) and + summaryModel(namespace, type, subtypes, name, signature, ext, _, _, _, _, result) and not interpretElement(namespace, type, subtypes, name, signature, ext) instanceof Callable and reason = "callable could not be resolved" ) or exists(string inputSpec | - summaryModel(_, _, _, _, _, _, inputSpec, _, _, result) and + summaryModel(_, _, _, _, _, _, inputSpec, _, _, _, result) and not Private::External::interpretSpec(inputSpec, _) and reason = "input spec could not be parsed" ) or exists(string outputSpec | - summaryModel(_, _, _, _, _, _, _, outputSpec, _, result) and + summaryModel(_, _, _, _, _, _, _, outputSpec, _, _, result) and not Private::External::interpretSpec(outputSpec, _) and reason = "output spec could not be parsed" ) diff --git a/java/ql/src/utils/model-generator/internal/CaptureModels.qll b/java/ql/src/utils/model-generator/internal/CaptureModels.qll index fc16b82b461..81f13d978dd 100644 --- a/java/ql/src/utils/model-generator/internal/CaptureModels.qll +++ b/java/ql/src/utils/model-generator/internal/CaptureModels.qll @@ -44,7 +44,7 @@ private string asSummaryModel(TargetApi api, string input, string output, string result = asPartialModel(api) + input + ";" // + output + ";" // - + kind + + "generated:" + kind } /** @@ -68,7 +68,7 @@ private string asTaintModel(TargetApi api, string input, string output) { */ bindingset[input, kind] private string asSinkModel(TargetApi api, string input, string kind) { - result = asPartialModel(api) + input + ";" + kind + result = asPartialModel(api) + input + ";" + "generated:" + kind } /** @@ -76,7 +76,7 @@ private string asSinkModel(TargetApi api, string input, string kind) { */ bindingset[output, kind] private string asSourceModel(TargetApi api, string output, string kind) { - result = asPartialModel(api) + output + ";" + kind + result = asPartialModel(api) + output + ";" + "generated:" + kind } /** diff --git a/java/ql/test/library-tests/dataflow/external-models/C.java b/java/ql/test/library-tests/dataflow/external-models/C.java index 44e01158a1f..b2f35172488 100644 --- a/java/ql/test/library-tests/dataflow/external-models/C.java +++ b/java/ql/test/library-tests/dataflow/external-models/C.java @@ -24,6 +24,16 @@ public class C { stepQualArg(argOut); } + void fooGenerated() { + Object arg1 = new Object(); + stepArgResGenerated(arg1); + + Object arg2 = new Object(); + // The summary for the first parameter is ignored, because it is generated and + // because there is hand written summary for the second parameter. + stepArgResGeneratedIgnored(arg1, arg2); + } + Object stepArgRes(Object x) { return null; } void stepArgArg(Object in, Object out) { } @@ -33,4 +43,8 @@ public class C { Object stepQualRes() { return null; } void stepQualArg(Object out) { } + + Object stepArgResGenerated(Object x) { return null; } + + Object stepArgResGeneratedIgnored(Object x, Object y) { return null; } } diff --git a/java/ql/test/library-tests/dataflow/external-models/steps.expected b/java/ql/test/library-tests/dataflow/external-models/steps.expected index 02548a949c8..9f19ff65f9f 100644 --- a/java/ql/test/library-tests/dataflow/external-models/steps.expected +++ b/java/ql/test/library-tests/dataflow/external-models/steps.expected @@ -8,3 +8,5 @@ invalidModelRow | C.java:20:5:20:8 | this | C.java:20:5:20:22 | stepQualRes(...) | | C.java:21:5:21:17 | this <.method> | C.java:21:5:21:17 | stepQualRes(...) | | C.java:24:5:24:23 | this <.method> | C.java:24:17:24:22 | argOut [post update] | +| C.java:29:25:29:28 | arg1 | C.java:29:5:29:29 | stepArgResGenerated(...) | +| C.java:34:38:34:41 | arg2 | C.java:34:5:34:42 | stepArgResGeneratedIgnored(...) | diff --git a/java/ql/test/library-tests/dataflow/external-models/steps.ql b/java/ql/test/library-tests/dataflow/external-models/steps.ql index 5909f1e5222..09c5ca97764 100644 --- a/java/ql/test/library-tests/dataflow/external-models/steps.ql +++ b/java/ql/test/library-tests/dataflow/external-models/steps.ql @@ -13,7 +13,10 @@ class SummaryModelTest extends SummaryModelCsv { "my.qltest;C;false;stepArgArg;(Object,Object);;Argument[0];Argument[1];taint", "my.qltest;C;false;stepArgQual;(Object);;Argument[0];Argument[-1];taint", "my.qltest;C;false;stepQualRes;();;Argument[-1];ReturnValue;taint", - "my.qltest;C;false;stepQualArg;(Object);;Argument[-1];Argument[0];taint" + "my.qltest;C;false;stepQualArg;(Object);;Argument[-1];Argument[0];taint", + "my.qltest;C;false;stepArgResGenerated;(Object);;Argument[0];ReturnValue;generated:taint", + "my.qltest;C;false;stepArgResGeneratedIgnored;(Object,Object);;Argument[0];ReturnValue;generated:taint", + "my.qltest;C;false;stepArgResGeneratedIgnored;(Object,Object);;Argument[1];ReturnValue;taint", ] } } diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure.expected b/java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure.expected index 5d471dcd671..0791e49c71b 100644 --- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure.expected +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/TempDirLocalInformationDisclosure.expected @@ -1,38 +1,26 @@ edges | Files.java:10:24:10:69 | new File(...) : File | Files.java:14:37:14:43 | baseDir : File | -| Files.java:10:24:10:69 | new File(...) : File | Files.java:15:17:15:23 | tempDir | | Files.java:10:33:10:68 | getProperty(...) : String | Files.java:10:24:10:69 | new File(...) : File | -| Files.java:10:33:10:68 | getProperty(...) : String | Files.java:14:37:14:43 | baseDir : File | -| Files.java:10:33:10:68 | getProperty(...) : String | Files.java:15:17:15:23 | tempDir | | Files.java:14:28:14:64 | new File(...) : File | Files.java:15:17:15:23 | tempDir | | Files.java:14:37:14:43 | baseDir : File | Files.java:14:28:14:64 | new File(...) : File | | Test.java:36:24:36:69 | new File(...) : File | Test.java:39:63:39:69 | tempDir | | Test.java:36:33:36:68 | getProperty(...) : String | Test.java:36:24:36:69 | new File(...) : File | -| Test.java:36:33:36:68 | getProperty(...) : String | Test.java:39:63:39:69 | tempDir | | Test.java:50:29:50:94 | new File(...) : File | Test.java:53:63:53:74 | tempDirChild | | Test.java:50:38:50:83 | new File(...) : File | Test.java:50:29:50:94 | new File(...) : File | -| Test.java:50:38:50:83 | new File(...) : File | Test.java:53:63:53:74 | tempDirChild | | Test.java:50:47:50:82 | getProperty(...) : String | Test.java:50:38:50:83 | new File(...) : File | -| Test.java:50:47:50:82 | getProperty(...) : String | Test.java:53:63:53:74 | tempDirChild | | Test.java:61:24:61:69 | new File(...) : File | Test.java:64:63:64:69 | tempDir | | Test.java:61:33:61:68 | getProperty(...) : String | Test.java:61:24:61:69 | new File(...) : File | -| Test.java:61:33:61:68 | getProperty(...) : String | Test.java:64:63:64:69 | tempDir | | Test.java:75:24:75:69 | new File(...) : File | Test.java:78:63:78:69 | tempDir | | Test.java:75:33:75:68 | getProperty(...) : String | Test.java:75:24:75:69 | new File(...) : File | -| Test.java:75:33:75:68 | getProperty(...) : String | Test.java:78:63:78:69 | tempDir | | Test.java:110:29:110:84 | new File(...) : File | Test.java:113:9:113:20 | tempDirChild | | Test.java:110:38:110:73 | getProperty(...) : String | Test.java:110:29:110:84 | new File(...) : File | -| Test.java:110:38:110:73 | getProperty(...) : String | Test.java:113:9:113:20 | tempDirChild | | Test.java:134:29:134:84 | new File(...) : File | Test.java:137:9:137:20 | tempDirChild | | Test.java:134:38:134:73 | getProperty(...) : String | Test.java:134:29:134:84 | new File(...) : File | -| Test.java:134:38:134:73 | getProperty(...) : String | Test.java:137:9:137:20 | tempDirChild | | Test.java:158:29:158:88 | new File(...) : File | Test.java:159:21:159:32 | tempDirChild : File | | Test.java:158:38:158:73 | getProperty(...) : String | Test.java:158:29:158:88 | new File(...) : File | -| Test.java:158:38:158:73 | getProperty(...) : String | Test.java:159:21:159:32 | tempDirChild : File | | Test.java:159:21:159:32 | tempDirChild : File | Test.java:159:21:159:41 | toPath(...) | | Test.java:187:29:187:88 | new File(...) : File | Test.java:188:21:188:32 | tempDirChild : File | | Test.java:187:38:187:73 | getProperty(...) : String | Test.java:187:29:187:88 | new File(...) : File | -| Test.java:187:38:187:73 | getProperty(...) : String | Test.java:188:21:188:32 | tempDirChild : File | | Test.java:188:21:188:32 | tempDirChild : File | Test.java:188:21:188:41 | toPath(...) | | Test.java:204:29:204:104 | new File(...) : File | Test.java:204:29:204:113 | toPath(...) : Path | | Test.java:204:29:204:113 | toPath(...) : Path | Test.java:207:33:207:44 | tempDirChild | @@ -42,28 +30,28 @@ edges | Test.java:216:38:216:73 | getProperty(...) : String | Test.java:216:29:216:102 | new File(...) : File | | Test.java:228:29:228:100 | new File(...) : File | Test.java:231:26:231:37 | tempDirChild : File | | Test.java:228:38:228:73 | getProperty(...) : String | Test.java:228:29:228:100 | new File(...) : File | -| Test.java:228:38:228:73 | getProperty(...) : String | Test.java:231:26:231:37 | tempDirChild : File | | Test.java:231:26:231:37 | tempDirChild : File | Test.java:231:26:231:46 | toPath(...) | | Test.java:249:29:249:101 | new File(...) : File | Test.java:252:31:252:42 | tempDirChild : File | | Test.java:249:38:249:73 | getProperty(...) : String | Test.java:249:29:249:101 | new File(...) : File | -| Test.java:249:38:249:73 | getProperty(...) : String | Test.java:252:31:252:42 | tempDirChild : File | | Test.java:252:31:252:42 | tempDirChild : File | Test.java:252:31:252:51 | toPath(...) | | Test.java:260:29:260:109 | new File(...) : File | Test.java:263:33:263:44 | tempDirChild : File | | Test.java:260:38:260:73 | getProperty(...) : String | Test.java:260:29:260:109 | new File(...) : File | -| Test.java:260:38:260:73 | getProperty(...) : String | Test.java:263:33:263:44 | tempDirChild : File | | Test.java:263:33:263:44 | tempDirChild : File | Test.java:263:33:263:53 | toPath(...) | | Test.java:294:29:294:101 | new File(...) : File | Test.java:298:35:298:46 | tempDirChild : File | | Test.java:294:38:294:73 | getProperty(...) : String | Test.java:294:29:294:101 | new File(...) : File | -| Test.java:294:38:294:73 | getProperty(...) : String | Test.java:298:35:298:46 | tempDirChild : File | | Test.java:298:35:298:46 | tempDirChild : File | Test.java:298:35:298:55 | toPath(...) | | Test.java:313:29:313:101 | new File(...) : File | Test.java:316:35:316:46 | tempDirChild : File | | Test.java:313:38:313:73 | getProperty(...) : String | Test.java:313:29:313:101 | new File(...) : File | -| Test.java:313:38:313:73 | getProperty(...) : String | Test.java:316:35:316:46 | tempDirChild : File | | Test.java:316:35:316:46 | tempDirChild : File | Test.java:316:35:316:55 | toPath(...) | | Test.java:322:29:322:101 | new File(...) : File | Test.java:326:35:326:46 | tempDirChild : File | | Test.java:322:38:322:73 | getProperty(...) : String | Test.java:322:29:322:101 | new File(...) : File | -| Test.java:322:38:322:73 | getProperty(...) : String | Test.java:326:35:326:46 | tempDirChild : File | | Test.java:326:35:326:46 | tempDirChild : File | Test.java:326:35:326:55 | toPath(...) | +| Test.java:350:29:350:101 | new File(...) : File | Test.java:355:35:355:46 | tempDirChild : File | +| Test.java:350:38:350:73 | getProperty(...) : String | Test.java:350:29:350:101 | new File(...) : File | +| Test.java:355:35:355:46 | tempDirChild : File | Test.java:355:35:355:55 | toPath(...) | +| Test.java:361:29:361:101 | new File(...) : File | Test.java:366:35:366:46 | tempDirChild : File | +| Test.java:361:38:361:73 | getProperty(...) : String | Test.java:361:29:361:101 | new File(...) : File | +| Test.java:366:35:366:46 | tempDirChild : File | Test.java:366:35:366:55 | toPath(...) | nodes | Files.java:10:24:10:69 | new File(...) : File | semmle.label | new File(...) : File | | Files.java:10:33:10:68 | getProperty(...) : String | semmle.label | getProperty(...) : String | @@ -133,6 +121,14 @@ nodes | Test.java:322:38:322:73 | getProperty(...) : String | semmle.label | getProperty(...) : String | | Test.java:326:35:326:46 | tempDirChild : File | semmle.label | tempDirChild : File | | Test.java:326:35:326:55 | toPath(...) | semmle.label | toPath(...) | +| Test.java:350:29:350:101 | new File(...) : File | semmle.label | new File(...) : File | +| Test.java:350:38:350:73 | getProperty(...) : String | semmle.label | getProperty(...) : String | +| Test.java:355:35:355:46 | tempDirChild : File | semmle.label | tempDirChild : File | +| Test.java:355:35:355:55 | toPath(...) | semmle.label | toPath(...) | +| Test.java:361:29:361:101 | new File(...) : File | semmle.label | new File(...) : File | +| Test.java:361:38:361:73 | getProperty(...) : String | semmle.label | getProperty(...) : String | +| Test.java:366:35:366:46 | tempDirChild : File | semmle.label | tempDirChild : File | +| Test.java:366:35:366:55 | toPath(...) | semmle.label | toPath(...) | subpaths #select | Files.java:10:33:10:68 | getProperty(...) | Files.java:10:33:10:68 | getProperty(...) : String | Files.java:15:17:15:23 | tempDir | Local information disclosure vulnerability from $@ due to use of file or directory readable by other local users. | Files.java:10:33:10:68 | getProperty(...) | system temp directory | @@ -155,3 +151,5 @@ subpaths | Test.java:294:38:294:73 | getProperty(...) | Test.java:294:38:294:73 | getProperty(...) : String | Test.java:298:35:298:55 | toPath(...) | Local information disclosure vulnerability from $@ due to use of file or directory readable by other local users. | Test.java:294:38:294:73 | getProperty(...) | system temp directory | | Test.java:313:38:313:73 | getProperty(...) | Test.java:313:38:313:73 | getProperty(...) : String | Test.java:316:35:316:55 | toPath(...) | Local information disclosure vulnerability from $@ due to use of file or directory readable by other local users. | Test.java:313:38:313:73 | getProperty(...) | system temp directory | | Test.java:322:38:322:73 | getProperty(...) | Test.java:322:38:322:73 | getProperty(...) : String | Test.java:326:35:326:55 | toPath(...) | Local information disclosure vulnerability from $@ due to use of file or directory readable by other local users. | Test.java:322:38:322:73 | getProperty(...) | system temp directory | +| Test.java:350:38:350:73 | getProperty(...) | Test.java:350:38:350:73 | getProperty(...) : String | Test.java:355:35:355:55 | toPath(...) | Local information disclosure vulnerability from $@ due to use of file or directory readable by other local users. | Test.java:350:38:350:73 | getProperty(...) | system temp directory | +| Test.java:361:38:361:73 | getProperty(...) | Test.java:361:38:361:73 | getProperty(...) : String | Test.java:366:35:366:55 | toPath(...) | Local information disclosure vulnerability from $@ due to use of file or directory readable by other local users. | Test.java:361:38:361:73 | getProperty(...) | system temp directory | diff --git a/java/ql/test/query-tests/security/CWE-200/semmle/tests/Test.java b/java/ql/test/query-tests/security/CWE-200/semmle/tests/Test.java index 3ea5fe3e112..e1ec05ac51c 100644 --- a/java/ql/test/query-tests/security/CWE-200/semmle/tests/Test.java +++ b/java/ql/test/query-tests/security/CWE-200/semmle/tests/Test.java @@ -344,4 +344,26 @@ public class Test { Files.createDirectory(tempDirChild.toPath()); } } + + void vulnerableBecauseFileSeparatorCheckElseCase() throws IOException { + // GIVEN: + File tempDirChild = new File(System.getProperty("java.io.tmpdir"), "/child-create-directory"); + + if (File.separatorChar == '\\') { + Files.createDirectory(tempDirChild.toPath()); // Safe + } else { + Files.createDirectory(tempDirChild.toPath()); // Vulnerable + } + } + + void vulnerableBecauseInvertedFileSeperatorCheckElseCase() throws IOException { + // GIVEN: + File tempDirChild = new File(System.getProperty("java.io.tmpdir"), "/child-create-directory"); + + if (File.separatorChar != '/') { + Files.createDirectory(tempDirChild.toPath()); // Safe + } else { + Files.createDirectory(tempDirChild.toPath()); // Vulnerable + } + } } diff --git a/java/ql/test/utils/model-generator/CaptureSinkModels.expected b/java/ql/test/utils/model-generator/CaptureSinkModels.expected index 5366882e7f4..8f2f422da53 100644 --- a/java/ql/test/utils/model-generator/CaptureSinkModels.expected +++ b/java/ql/test/utils/model-generator/CaptureSinkModels.expected @@ -1,4 +1,4 @@ -| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[-1];create-file | -| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[1];create-file | -| p;Sinks;true;readUrl;(URL,Charset);;Argument[0];open-url | -| p;Sources;true;readUrl;(URL);;Argument[0];open-url | +| p;PrivateFlowViaPublicInterface$SPI;true;openStream;();;Argument[-1];generated:create-file | +| p;Sinks;true;copyFileToDirectory;(Path,Path,CopyOption[]);;Argument[1];generated:create-file | +| p;Sinks;true;readUrl;(URL,Charset);;Argument[0];generated:open-url | +| p;Sources;true;readUrl;(URL);;Argument[0];generated:open-url | diff --git a/java/ql/test/utils/model-generator/CaptureSourceModels.expected b/java/ql/test/utils/model-generator/CaptureSourceModels.expected index f47eb7d230c..27c28a28115 100644 --- a/java/ql/test/utils/model-generator/CaptureSourceModels.expected +++ b/java/ql/test/utils/model-generator/CaptureSourceModels.expected @@ -1,5 +1,5 @@ -| p;Sources;true;readUrl;(URL);;ReturnValue;remote | -| p;Sources;true;socketStream;();;ReturnValue;remote | -| p;Sources;true;sourceToParameter;(InputStream[],List);;Argument[0].ArrayElement;remote | -| p;Sources;true;sourceToParameter;(InputStream[],List);;Argument[1].Element;remote | -| p;Sources;true;wrappedSocketStream;();;ReturnValue;remote | +| p;Sources;true;readUrl;(URL);;ReturnValue;generated:remote | +| p;Sources;true;socketStream;();;ReturnValue;generated:remote | +| p;Sources;true;sourceToParameter;(InputStream[],List);;Argument[0].ArrayElement;generated:remote | +| p;Sources;true;sourceToParameter;(InputStream[],List);;Argument[1].Element;generated:remote | +| p;Sources;true;wrappedSocketStream;();;ReturnValue;generated:remote | diff --git a/java/ql/test/utils/model-generator/CaptureSummaryModels.expected b/java/ql/test/utils/model-generator/CaptureSummaryModels.expected index 9f76437a4c9..96c0a7e9df7 100644 --- a/java/ql/test/utils/model-generator/CaptureSummaryModels.expected +++ b/java/ql/test/utils/model-generator/CaptureSummaryModels.expected @@ -1,46 +1,46 @@ -| p;Factory;false;create;(String);;Argument[0];ReturnValue;taint | -| p;Factory;false;create;(String,int);;Argument[0];ReturnValue;taint | -| p;Factory;false;getValue;();;Argument[-1];ReturnValue;taint | -| p;FinalClass;false;returnsInput;(String);;Argument[0];ReturnValue;taint | -| p;FluentAPI;false;returnsThis;(String);;Argument[-1];ReturnValue;value | -| p;ImmutablePojo;false;ImmutablePojo;(String,int);;Argument[0];Argument[-1];taint | -| p;ImmutablePojo;false;getValue;();;Argument[-1];ReturnValue;taint | -| p;ImmutablePojo;false;or;(String);;Argument[-1];ReturnValue;taint | -| p;ImmutablePojo;false;or;(String);;Argument[0];ReturnValue;taint | -| p;InnerClasses$CaptureMe;true;yesCm;(String);;Argument[0];ReturnValue;taint | -| p;InnerClasses;true;yes;(String);;Argument[0];ReturnValue;taint | -| p;InnerHolder;false;append;(String);;Argument[0];Argument[-1];taint | -| p;InnerHolder;false;explicitSetContext;(String);;Argument[0];Argument[-1];taint | -| p;InnerHolder;false;getValue;();;Argument[-1];ReturnValue;taint | -| p;InnerHolder;false;setContext;(String);;Argument[0];Argument[-1];taint | -| p;Joiner;false;Joiner;(CharSequence);;Argument[0];Argument[-1];taint | -| p;Joiner;false;Joiner;(CharSequence,CharSequence,CharSequence);;Argument[0];Argument[-1];taint | -| p;Joiner;false;Joiner;(CharSequence,CharSequence,CharSequence);;Argument[1];Argument[-1];taint | -| p;Joiner;false;Joiner;(CharSequence,CharSequence,CharSequence);;Argument[2];Argument[-1];taint | -| p;Joiner;false;add;(CharSequence);;Argument[-1];ReturnValue;value | -| p;Joiner;false;merge;(Joiner);;Argument[-1];ReturnValue;value | -| p;Joiner;false;setEmptyValue;(CharSequence);;Argument[-1];ReturnValue;value | -| p;Joiner;false;setEmptyValue;(CharSequence);;Argument[0];Argument[-1];taint | -| p;Joiner;false;toString;();;Argument[-1];ReturnValue;taint | -| p;MultipleImpls$Strat2;true;getValue;();;Argument[-1];ReturnValue;taint | -| p;MultipleImpls$Strategy;true;doSomething;(String);;Argument[0];Argument[-1];taint | -| p;MultipleImpls$Strategy;true;doSomething;(String);;Argument[0];ReturnValue;taint | -| p;ParamFlow;true;addTo;(String,List);;Argument[0];Argument[1].Element;taint | -| p;ParamFlow;true;returnArrayElement;(String[]);;Argument[0].ArrayElement;ReturnValue;taint | -| p;ParamFlow;true;returnCollectionElement;(List);;Argument[0].Element;ReturnValue;taint | -| p;ParamFlow;true;returnIterableElement;(Iterable);;Argument[0].Element;ReturnValue;taint | -| p;ParamFlow;true;returnIteratorElement;(Iterator);;Argument[0].Element;ReturnValue;taint | -| p;ParamFlow;true;returnMultipleParameters;(String,String);;Argument[0];ReturnValue;taint | -| p;ParamFlow;true;returnMultipleParameters;(String,String);;Argument[1];ReturnValue;taint | -| p;ParamFlow;true;returnVarArgElement;(String[]);;Argument[0].ArrayElement;ReturnValue;taint | -| p;ParamFlow;true;returnsInput;(String);;Argument[0];ReturnValue;taint | -| p;ParamFlow;true;writeChunked;(byte[],OutputStream);;Argument[0];Argument[1];taint | -| p;ParamFlow;true;writeChunked;(char[],OutputStream);;Argument[0];Argument[1];taint | -| p;Pojo;false;fillIn;(List);;Argument[-1];Argument[0].Element;taint | -| p;Pojo;false;getBoxedBytes;();;Argument[-1];ReturnValue;taint | -| p;Pojo;false;getBoxedChars;();;Argument[-1];ReturnValue;taint | -| p;Pojo;false;getByteArray;();;Argument[-1];ReturnValue;taint | -| p;Pojo;false;getCharArray;();;Argument[-1];ReturnValue;taint | -| p;Pojo;false;getValue;();;Argument[-1];ReturnValue;taint | -| p;Pojo;false;setValue;(String);;Argument[0];Argument[-1];taint | -| p;PrivateFlowViaPublicInterface;true;createAnSPI;(File);;Argument[0];ReturnValue;taint | +| p;Factory;false;create;(String);;Argument[0];ReturnValue;generated:taint | +| p;Factory;false;create;(String,int);;Argument[0];ReturnValue;generated:taint | +| p;Factory;false;getValue;();;Argument[-1];ReturnValue;generated:taint | +| p;FinalClass;false;returnsInput;(String);;Argument[0];ReturnValue;generated:taint | +| p;FluentAPI;false;returnsThis;(String);;Argument[-1];ReturnValue;generated:value | +| p;ImmutablePojo;false;ImmutablePojo;(String,int);;Argument[0];Argument[-1];generated:taint | +| p;ImmutablePojo;false;getValue;();;Argument[-1];ReturnValue;generated:taint | +| p;ImmutablePojo;false;or;(String);;Argument[-1];ReturnValue;generated:taint | +| p;ImmutablePojo;false;or;(String);;Argument[0];ReturnValue;generated:taint | +| p;InnerClasses$CaptureMe;true;yesCm;(String);;Argument[0];ReturnValue;generated:taint | +| p;InnerClasses;true;yes;(String);;Argument[0];ReturnValue;generated:taint | +| p;InnerHolder;false;append;(String);;Argument[0];Argument[-1];generated:taint | +| p;InnerHolder;false;explicitSetContext;(String);;Argument[0];Argument[-1];generated:taint | +| p;InnerHolder;false;getValue;();;Argument[-1];ReturnValue;generated:taint | +| p;InnerHolder;false;setContext;(String);;Argument[0];Argument[-1];generated:taint | +| p;Joiner;false;Joiner;(CharSequence);;Argument[0];Argument[-1];generated:taint | +| p;Joiner;false;Joiner;(CharSequence,CharSequence,CharSequence);;Argument[0];Argument[-1];generated:taint | +| p;Joiner;false;Joiner;(CharSequence,CharSequence,CharSequence);;Argument[1];Argument[-1];generated:taint | +| p;Joiner;false;Joiner;(CharSequence,CharSequence,CharSequence);;Argument[2];Argument[-1];generated:taint | +| p;Joiner;false;add;(CharSequence);;Argument[-1];ReturnValue;generated:value | +| p;Joiner;false;merge;(Joiner);;Argument[-1];ReturnValue;generated:value | +| p;Joiner;false;setEmptyValue;(CharSequence);;Argument[-1];ReturnValue;generated:value | +| p;Joiner;false;setEmptyValue;(CharSequence);;Argument[0];Argument[-1];generated:taint | +| p;Joiner;false;toString;();;Argument[-1];ReturnValue;generated:taint | +| p;MultipleImpls$Strat2;true;getValue;();;Argument[-1];ReturnValue;generated:taint | +| p;MultipleImpls$Strategy;true;doSomething;(String);;Argument[0];Argument[-1];generated:taint | +| p;MultipleImpls$Strategy;true;doSomething;(String);;Argument[0];ReturnValue;generated:taint | +| p;ParamFlow;true;addTo;(String,List);;Argument[0];Argument[1].Element;generated:taint | +| p;ParamFlow;true;returnArrayElement;(String[]);;Argument[0].ArrayElement;ReturnValue;generated:taint | +| p;ParamFlow;true;returnCollectionElement;(List);;Argument[0].Element;ReturnValue;generated:taint | +| p;ParamFlow;true;returnIterableElement;(Iterable);;Argument[0].Element;ReturnValue;generated:taint | +| p;ParamFlow;true;returnIteratorElement;(Iterator);;Argument[0].Element;ReturnValue;generated:taint | +| p;ParamFlow;true;returnMultipleParameters;(String,String);;Argument[0];ReturnValue;generated:taint | +| p;ParamFlow;true;returnMultipleParameters;(String,String);;Argument[1];ReturnValue;generated:taint | +| p;ParamFlow;true;returnVarArgElement;(String[]);;Argument[0].ArrayElement;ReturnValue;generated:taint | +| p;ParamFlow;true;returnsInput;(String);;Argument[0];ReturnValue;generated:taint | +| p;ParamFlow;true;writeChunked;(byte[],OutputStream);;Argument[0];Argument[1];generated:taint | +| p;ParamFlow;true;writeChunked;(char[],OutputStream);;Argument[0];Argument[1];generated:taint | +| p;Pojo;false;fillIn;(List);;Argument[-1];Argument[0].Element;generated:taint | +| p;Pojo;false;getBoxedBytes;();;Argument[-1];ReturnValue;generated:taint | +| p;Pojo;false;getBoxedChars;();;Argument[-1];ReturnValue;generated:taint | +| p;Pojo;false;getByteArray;();;Argument[-1];ReturnValue;generated:taint | +| p;Pojo;false;getCharArray;();;Argument[-1];ReturnValue;generated:taint | +| p;Pojo;false;getValue;();;Argument[-1];ReturnValue;generated:taint | +| p;Pojo;false;setValue;(String);;Argument[0];Argument[-1];generated:taint | +| p;PrivateFlowViaPublicInterface;true;createAnSPI;(File);;Argument[0];ReturnValue;generated:taint | diff --git a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/CoreKnowledge.qll b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/CoreKnowledge.qll index 23ba238ff99..cba8fc8fab7 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/CoreKnowledge.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/CoreKnowledge.qll @@ -106,9 +106,9 @@ predicate isKnownLibrarySink(DataFlow::Node n) { * Holds if the node `n` is known as the predecessor in a modeled flow step. */ predicate isKnownStepSrc(DataFlow::Node n) { - any(TaintTracking::AdditionalTaintStep s).step(n, _) or - any(DataFlow::AdditionalFlowStep s).step(n, _) or - any(DataFlow::AdditionalFlowStep s).step(n, _, _, _) + TaintTracking::sharedTaintStep(n, _) or + DataFlow::SharedFlowStep::step(n, _) or + DataFlow::SharedFlowStep::step(n, _, _, _) } /** diff --git a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointData.qll b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointData.qll index 695945fb28f..75382606a04 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointData.qll +++ b/javascript/ql/experimental/adaptivethreatmodeling/modelbuilding/extraction/ExtractEndpointData.qll @@ -75,7 +75,11 @@ private DataFlow::Node getANotASink(NotASinkReason reason) { */ private DataFlow::Node getAnUnknown(Query query) { getAtmCfg(query).isEffectiveSink(result) and + // Effective sinks should exclude sinks but this is a defensive requirement not result = getASink(query) and + // Effective sinks should exclude NotASink but for some queries (e.g. Xss) this is currently not always the case and + // so this is a defensive requirement + not result = getANotASink(_) and // Only consider the source code for the project being analyzed. exists(result.getFile().getRelativePath()) } diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/.gitignore b/javascript/ql/experimental/adaptivethreatmodeling/test/.gitignore new file mode 100644 index 00000000000..16a637d4a92 --- /dev/null +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/.gitignore @@ -0,0 +1 @@ +**/*.testproj \ No newline at end of file diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.expected b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.expected index a4e457b726c..52a048659d4 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.expected +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/EndpointFeatures.expected @@ -9926,6 +9926,10 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | escape( ... href))) | calleeAccessPathWithStructuralInfo | | | autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | escape( ... href))) | calleeName | write | | autogenerated/Xss/DomBasedXss/string-manipulations.js:12:16:12:61 | escape( ... href))) | receiverName | document | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | target.substring(1) | calleeAccessPath | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | target.substring(1) | calleeAccessPathWithStructuralInfo | | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | target.substring(1) | enclosingFunctionBody | translate own goal backpass fumble feint target document location search searchParams URLSearchParams target substring 1 $ original-term html searchParams get term $ translated-term html translate searchParams get term | +| autogenerated/Xss/DomBasedXss/translate.js:7:42:7:60 | target.substring(1) | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/translate.js:7:59:7:59 | 1 | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/translate.js:7:59:7:59 | 1 | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/translate.js:7:59:7:59 | 1 | calleeAccessPathWithStructuralInfo | | @@ -10213,6 +10217,10 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:18:29:18:34 | 'name' | enclosingFunctionBody | target document location search $ myId html target document write document write $
$
$
params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | | autogenerated/Xss/DomBasedXss/tst.js:18:29:18:34 | 'name' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:18:29:18:34 | 'name' | receiverName | params | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | target.substring(1) | calleeAccessPath | | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | target.substring(1) | calleeAccessPathWithStructuralInfo | | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | target.substring(1) | enclosingFunctionBody | target document location search $ myId html target document write document write $
$
$
params URL document location searchParams $ name html params get name searchParams URLSearchParams target substring 1 $ name html searchParams get name | +| autogenerated/Xss/DomBasedXss/tst.js:20:42:20:60 | target.substring(1) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/tst.js:20:59:20:59 | 1 | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:20:59:20:59 | 1 | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/tst.js:20:59:20:59 | 1 | calleeAccessPathWithStructuralInfo | | @@ -12661,6 +12669,13 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | marked(req.body) | enclosingFunctionBody | req res res send req body res send marked req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | marked(req.body) | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:12:23:27 | marked(req.body) | receiverName | res | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | argumentIndex | 0 | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | calleeAccessPath | marked | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | calleeAccessPathWithStructuralInfo | marked instanceorreturn | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | calleeApiName | marked | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | calleeName | marked | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | enclosingFunctionBody | req res res send req body res send marked req body | +| autogenerated/Xss/ReflectedXss/ReflectedXss.js:23:19:23:26 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:21:27:36 | 'markdown-table' | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:21:27:36 | 'markdown-table' | calleeAccessPath | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:27:21:27:36 | 'markdown-table' | calleeAccessPathWithStructuralInfo | | diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointData.expected b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointData.expected index b4ced5a634d..a80c206b9c3 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointData.expected +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointData.expected @@ -55,22 +55,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -131,22 +115,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -395,22 +363,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | SqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | Xss | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -979,22 +931,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | Xss | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | Xss | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | Xss | hasFlowFromSource | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -3143,22 +3079,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | SqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | Xss | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -3243,22 +3163,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -4847,74 +4751,10 @@ endpoints | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -4951,38 +4791,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5083,386 +4891,50 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5603,22 +5075,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5627,22 +5083,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5651,22 +5091,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5775,38 +5199,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5823,38 +5215,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5939,110 +5299,14 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6063,110 +5327,14 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6187,38 +5355,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6243,38 +5379,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6327,22 +5431,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6363,22 +5451,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | Xss | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6419,838 +5491,86 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7351,74 +5671,10 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7455,22 +5711,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7487,74 +5727,10 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7591,22 +5767,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7747,22 +5907,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7839,22 +5983,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7979,22 +6107,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8059,22 +6171,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8167,38 +6263,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8227,74 +6291,10 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8331,38 +6331,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8427,38 +6395,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8523,22 +6459,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8627,22 +6547,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8835,22 +6739,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8963,22 +6851,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9007,22 +6879,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9083,54 +6939,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9139,38 +6947,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9211,22 +6987,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9363,58 +7123,10 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9443,70 +7155,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9535,70 +7183,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9627,86 +7211,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9735,86 +7239,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9939,38 +7363,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10087,42 +7479,10 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10187,38 +7547,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10331,38 +7659,6 @@ endpoints | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10431,38 +7727,6 @@ endpoints | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10551,38 +7815,6 @@ endpoints | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10711,38 +7943,6 @@ endpoints | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10811,38 +8011,6 @@ endpoints | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -11199,22 +8367,6 @@ endpoints | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | Xss | isConstantExpression | true | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -11227,110 +8379,14 @@ endpoints | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -11359,38 +8415,6 @@ endpoints | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -11551,78 +8575,14 @@ endpoints | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -11879,38 +8839,6 @@ endpoints | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12315,22 +9243,6 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12347,22 +9259,6 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12379,42 +9275,10 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | SqlInjection | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | SqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12439,42 +9303,10 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12487,22 +9319,6 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12519,22 +9335,6 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12551,22 +9351,6 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12727,22 +9511,6 @@ endpoints | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12767,94 +9535,14 @@ endpoints | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12875,58 +9563,10 @@ endpoints | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12963,22 +9603,6 @@ endpoints | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -13003,38 +9627,6 @@ endpoints | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:15 | 'click' | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -13315,62 +9891,14 @@ endpoints | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -13419,54 +9947,6 @@ endpoints | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -13555,22 +10035,6 @@ endpoints | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | Xss | notASinkReason | ClientRequest | string | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | Xss | notASinkReason | JQueryArgument | string | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14051,22 +10515,6 @@ endpoints | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | Xss | notASinkReason | DOM | string | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | SqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | SqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14155,22 +10603,6 @@ endpoints | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14179,34 +10611,6 @@ endpoints | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | TaintedPath | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14215,34 +10619,6 @@ endpoints | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | TaintedPath | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14251,90 +10627,10 @@ endpoints | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | TaintedPath | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | TaintedPath | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14343,166 +10639,6 @@ endpoints | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:30 | "' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:39:35:44 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:39:35:44 | '' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14747,22 +10867,6 @@ endpoints | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14799,38 +10903,6 @@ endpoints | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -15539,38 +11611,6 @@ endpoints | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | Xss | notASinkReason | DOM | string | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -16575,22 +12615,6 @@ endpoints | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18291,38 +14315,6 @@ endpoints | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18347,38 +14339,6 @@ endpoints | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18603,22 +14563,6 @@ endpoints | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | SqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | SqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18707,22 +14651,6 @@ endpoints | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | Xss | notASinkReason | ConstantReceiver | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "" | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "" | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18799,22 +14727,6 @@ endpoints | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | Xss | notASinkReason | ConstantReceiver | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:41 | ["
' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18915,22 +14811,6 @@ endpoints | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | Xss | notASinkReason | ConstantReceiver | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -19043,22 +14923,6 @@ endpoints | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -20479,22 +16343,6 @@ endpoints | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | Xss | notASinkReason | JQueryArgument | string | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -20707,18 +16555,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | SqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | SqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -20827,18 +16663,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21019,54 +16843,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21115,54 +16891,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | TaintedPath | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21199,38 +16927,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21367,18 +17063,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21391,18 +17075,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21471,18 +17143,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -22027,38 +17687,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | SqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | SqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -22739,22 +18367,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -24007,18 +19619,6 @@ endpoints | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -24287,38 +19887,6 @@ endpoints | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -25123,38 +20691,6 @@ endpoints | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -27203,18 +22739,6 @@ endpoints | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -27239,22 +22763,6 @@ endpoints | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -27331,70 +22839,6 @@ endpoints | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -27728,14 +23172,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | enclosingFunctionName | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | receiverName | app | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | enclosingFunctionName | app.post#functionalargument | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | calleeAccessPath | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | calleeAccessPathWithStructuralInfo | | @@ -27768,14 +23204,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | enclosingFunctionName | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | receiverName | app | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | enclosingFunctionName | app.post#functionalargument | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | calleeAccessPath | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | calleeAccessPathWithStructuralInfo | | @@ -27912,14 +23340,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | receiverName | | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | enclosingFunctionName | app.post#functionalargument | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | calleeAccessPath | ajv compile | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | calleeAccessPathWithStructuralInfo | ajv instanceorreturn member compile instanceorreturn instanceorreturn | @@ -28384,14 +23804,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | receiverName | | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | enclosingFunctionName | app.post#functionalargument | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | calleeAccessPath | express get | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get instanceorreturn | @@ -30000,14 +25412,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | receiverName | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | enclosingFunctionName | app.get#functionalargument | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | calleeAccessPath | mongoose model find | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | calleeAccessPathWithStructuralInfo | mongoose member model instanceorreturn member find instanceorreturn | @@ -30056,14 +25460,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | enclosingFunctionBody | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | enclosingFunctionName | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | receiverName | app | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | enclosingFunctionName | app.post#functionalargument | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | calleeAccessPath | mongoose model find | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | calleeAccessPathWithStructuralInfo | mongoose member model instanceorreturn member find instanceorreturn | @@ -31312,22 +26708,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | receiverName | | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | enclosingFunctionName | createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | receiverName | | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | enclosingFunctionName | createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | receiverName | | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31336,22 +26716,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | enclosingFunctionName | createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | receiverName | | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | calleeName | join | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | enclosingFunctionName | createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | receiverName | | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | calleeName | join | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | enclosingFunctionName | createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | calleeAccessPathWithStructuralInfo | | @@ -31400,22 +26764,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31520,22 +26868,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31544,14 +26876,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | calleeAccessPath | path basename | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | calleeAccessPathWithStructuralInfo | path member basename instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | calleeName | basename | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31560,14 +26884,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | calleeAccessPath | path dirname | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | calleeAccessPathWithStructuralInfo | path member dirname instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | calleeName | dirname | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31576,14 +26892,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | calleeAccessPath | path extname | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | calleeAccessPathWithStructuralInfo | path member extname instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | calleeName | extname | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31592,14 +26900,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | calleeName | join | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31608,38 +26908,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | calleeName | join | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | calleeName | join | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | argumentIndex | 2 | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | calleeName | join | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | argumentIndex | 3 | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | calleeName | join | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31648,14 +26916,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31664,22 +26924,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | calleeAccessPath | path relative | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | calleeName | relative | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | calleeAccessPath | path relative | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | calleeName | relative | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31688,22 +26932,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | calleeAccessPath | path relative | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | calleeName | relative | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | calleeAccessPath | path relative | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | calleeName | relative | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31712,14 +26940,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | calleeName | resolve | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31728,38 +26948,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | calleeName | resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | calleeName | resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | argumentIndex | 2 | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | calleeName | resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | argumentIndex | 3 | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | calleeName | resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31768,14 +26956,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | calleeAccessPath | path toNamespacedPath | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | calleeAccessPathWithStructuralInfo | path member toNamespacedPath instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | calleeName | toNamespacedPath | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | calleeAccessPathWithStructuralInfo | | @@ -31872,14 +27052,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | calleeAccessPath | querystringify parse | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | calleeAccessPathWithStructuralInfo | querystringify member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | calleeApiName | querystringify | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31896,14 +27068,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | calleeAccessPath | query-string parse | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | calleeAccessPathWithStructuralInfo | query-string member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | calleeApiName | query-string | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31920,14 +27084,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | calleeAccessPath | querystring parse | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | calleeAccessPathWithStructuralInfo | querystring member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | calleeApiName | querystring | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | calleeAccessPathWithStructuralInfo | | @@ -32000,22 +27156,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | calleeAccessPath | | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | calleeApiName | | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | calleeName | set | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | enclosingFunctionBody | ev Cookie set unsafe ev data | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | enclosingFunctionName | addEventListener#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | receiverName | Cookie | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | calleeAccessPath | | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | calleeApiName | | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | calleeName | set | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | enclosingFunctionBody | ev Cookie set unsafe ev data | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | enclosingFunctionName | addEventListener#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | receiverName | Cookie | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | calleeAccessPath | http createServer | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | calleeAccessPathWithStructuralInfo | http member createServer instanceorreturn | @@ -32024,22 +27164,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32088,22 +27212,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | argumentIndex | | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | | @@ -32112,22 +27220,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | argumentIndex | | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | | @@ -32136,22 +27228,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | calleeAccessPath | url parse query path replace replace | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | calleeAccessPath | url parse query path replace replace | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32168,22 +27244,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | argumentIndex | | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | | @@ -32192,22 +27252,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | argumentIndex | | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | | @@ -32216,22 +27260,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | calleeAccessPath | url parse query path replace replace | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | calleeAccessPath | url parse query path replace replace | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32248,22 +27276,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | enclosingFunctionBody | req res path url parse req url true query path require send req path | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | enclosingFunctionBody | req res path url parse req url true query path require send req path | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | calleeAccessPathWithStructuralInfo | | @@ -32288,22 +27300,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32360,14 +27356,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | calleeAccessPath | | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | calleeApiName | | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | calleeName | concat | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | receiverName | prefix | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32384,14 +27372,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | receiverName | concatted | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | calleeAccessPath | url parse query path split concat | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member split instanceorreturn member concat instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | calleeName | concat | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | receiverName | split | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32424,22 +27404,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32448,22 +27412,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32472,22 +27420,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32496,22 +27428,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32520,22 +27436,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32544,22 +27444,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32568,22 +27452,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32592,22 +27460,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32616,22 +27468,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32640,22 +27476,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32664,22 +27484,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32688,22 +27492,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32712,22 +27500,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32736,22 +27508,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32760,22 +27516,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32784,30 +27524,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32816,30 +27532,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32848,30 +27540,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32880,30 +27548,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32912,22 +27556,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32936,30 +27564,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | receiverName | | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | argumentIndex | 0 | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | calleeAccessPath | | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | calleeAccessPathWithStructuralInfo | | @@ -33088,22 +27692,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33112,22 +27700,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | calleeAccessPath | express get | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get instanceorreturn | @@ -33152,14 +27724,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33192,22 +27756,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33216,22 +27764,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | calleeAccessPath | express get | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get instanceorreturn | @@ -33256,14 +27788,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33368,14 +27892,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | calleeAccessPath | path normalize startsWith | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member startsWith instanceorreturn | @@ -33448,14 +27964,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | calleeAccessPath | path normalize startsWith | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member startsWith instanceorreturn | @@ -33544,14 +28052,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33600,14 +28100,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | calleeAccessPath | path normalize startsWith | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member startsWith instanceorreturn | @@ -33680,22 +28172,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | calleeAccessPath | fs realpathSync startsWith | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | calleeAccessPathWithStructuralInfo | fs member realpathSync instanceorreturn member startsWith instanceorreturn | @@ -33720,22 +28196,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33744,22 +28204,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | calleeAccessPath | express get | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get instanceorreturn | @@ -33784,22 +28228,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | calleeAccessPath | path join startsWith | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn member startsWith instanceorreturn | @@ -33848,22 +28276,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | calleeAccessPath | path join startsWith | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn member startsWith instanceorreturn | @@ -33912,14 +28324,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | calleeAccessPath | | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | calleeAccessPathWithStructuralInfo | | @@ -33984,14 +28388,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | calleeAccessPath | path normalize includes | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member includes instanceorreturn | @@ -34136,14 +28532,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | calleeAccessPath | path normalize startsWith | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member startsWith instanceorreturn | @@ -34224,14 +28612,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | calleeAccessPath | path normalize startsWith | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member startsWith instanceorreturn | @@ -34256,14 +28636,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | calleeAccessPath | | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | calleeApiName | | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | calleeName | decodeURIComponent | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | receiverName | | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | calleeAccessPath | | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | calleeAccessPathWithStructuralInfo | | @@ -34304,30 +28676,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | calleeName | replace | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | calleeName | replace | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | receiverName | | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -34344,22 +28692,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | calleeAccessPath | path normalize replace replace | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | calleeName | replace | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | receiverName | path | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | calleeAccessPath | path normalize replace replace | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | calleeName | replace | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | receiverName | path | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -34392,14 +28724,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | calleeName | resolve | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -34496,14 +28820,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | calleeName | resolve | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -34512,22 +28828,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | calleeAccessPath | path relative startsWith | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn member startsWith instanceorreturn | @@ -34552,38 +28852,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | calleeAccessPath | path relative indexOf | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn member indexOf instanceorreturn | @@ -34608,38 +28876,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | calleeAccessPath | path relative indexOf | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn member indexOf instanceorreturn | @@ -34664,46 +28900,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | calleeAccessPath | path normalize indexOf | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member indexOf instanceorreturn | @@ -34728,46 +28924,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | calleeAccessPath | path normalize indexOf | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member indexOf instanceorreturn | @@ -34880,22 +29036,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | calleeAccessPath | path-is-inside | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | calleeAccessPathWithStructuralInfo | path-is-inside instanceorreturn | @@ -34984,14 +29124,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | calleeName | resolve | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -35000,14 +29132,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | calleeName | resolve | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | calleeAccessPath | path resolve indexOf | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn member indexOf instanceorreturn | @@ -35056,22 +29180,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | calleeAccessPath | | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | calleeAccessPathWithStructuralInfo | | @@ -35176,22 +29284,6 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | receiverName | http | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | receiverName | url | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -35304,22 +29396,6 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | receiverName | http | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | receiverName | url | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | argumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | calleeAccessPath | util promisify | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | calleeAccessPathWithStructuralInfo | util member promisify instanceorreturn | @@ -35400,22 +29476,6 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | receiverName | http | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | receiverName | url | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -35528,22 +29588,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | receiverName | http | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | calleeName | parse | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | receiverName | url | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -35656,22 +29700,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | receiverName | http | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | calleeName | parse | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | receiverName | url | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -35912,14 +29940,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | receiverName | req | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | calleeName | resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | receiverName | path | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | calleeAccessPath | express get res sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param res member sendFile instanceorreturn | @@ -35944,22 +29964,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | receiverName | res | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | calleeName | resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | receiverName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | calleeName | resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | receiverName | path | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | calleeAccessPath | express get res sendfile | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param res member sendfile instanceorreturn | @@ -35968,22 +29972,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | receiverName | res | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | calleeAccessPath | path join | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | calleeName | join | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | receiverName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | calleeAccessPath | path join | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | calleeName | join | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | receiverName | path | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | calleeAccessPath | express get res sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param res member sendFile instanceorreturn | @@ -35992,22 +29980,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | receiverName | res | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | calleeAccessPath | path join | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | calleeName | join | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | receiverName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | calleeAccessPath | path join | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | calleeName | join | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | receiverName | path | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | calleeAccessPath | | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | calleeAccessPathWithStructuralInfo | | @@ -36040,22 +30012,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | receiverName | http | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | calleeName | parse | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | receiverName | url | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -36160,14 +30116,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | receiverName | fs | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | calleeAccessPath | url parse query path concat | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member concat instanceorreturn | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | calleeApiName | url | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | calleeName | concat | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | receiverName | path | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -36176,14 +30124,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | receiverName | fs | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | calleeAccessPath | | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | calleeApiName | | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | calleeName | concat | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | receiverName | unknown | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -36192,22 +30132,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | receiverName | fs | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | calleeAccessPath | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | calleeApiName | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | calleeName | concat | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | receiverName | unknown | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | calleeAccessPath | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | calleeApiName | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | calleeName | concat | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | receiverName | unknown | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -36456,22 +30380,6 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | receiverName | http | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | calleeName | parse | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | receiverName | url | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | argumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -36864,14 +30772,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | calleeAccessPath | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | calleeAccessPathWithStructuralInfo | classnames instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | calleeName | classNames | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -36904,14 +30804,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | calleeAccessPath | classnames/dedupe | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | calleeAccessPathWithStructuralInfo | classnames/dedupe instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | calleeApiName | classnames/dedupe | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | calleeName | classNamesD | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -36944,14 +30836,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | calleeAccessPath | classnames/bind | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | calleeAccessPathWithStructuralInfo | classnames/bind instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | calleeApiName | classnames/bind | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | calleeName | classNamesB | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -36960,14 +30844,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | calleeAccessPath | classnames bind | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | calleeAccessPathWithStructuralInfo | classnames member bind instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | calleeName | bind | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | receiverName | classNames | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | calleeAccessPathWithStructuralInfo | | @@ -37000,14 +30876,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | calleeAccessPath | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | calleeAccessPathWithStructuralInfo | classnames instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | calleeName | unsafeStyle | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -37016,14 +30884,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | calleeAccessPath | classnames bind | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | calleeAccessPathWithStructuralInfo | classnames member bind instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | calleeName | bind | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | receiverName | classNames | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | calleeAccessPathWithStructuralInfo | | @@ -37048,14 +30908,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | calleeAccessPath | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | calleeAccessPathWithStructuralInfo | classnames instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | calleeName | safeStyle | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -37088,14 +30940,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | calleeAccessPath | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | calleeAccessPathWithStructuralInfo | classnames instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | calleeName | safeStyle | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -37128,14 +30972,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | calleeAccessPath | clsx | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | calleeAccessPathWithStructuralInfo | clsx instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | calleeApiName | clsx | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | calleeName | clsx | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -37264,14 +31100,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | enclosingFunctionBody | selection selection attr foo bar html getTaint | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | enclosingFunctionName | otherFunction | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | calleeApiName | | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | calleeName | decodeURIComponent | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | receiverName | | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | calleeAccessPathWithStructuralInfo | | @@ -37288,22 +31116,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | calleeAccessPath | date-fns format | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | calleeAccessPathWithStructuralInfo | date-fns member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | calleeApiName | date-fns | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | receiverName | dateFns | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | calleeAccessPath | date-fns format | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | calleeAccessPathWithStructuralInfo | date-fns member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | calleeApiName | date-fns | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | receiverName | dateFns | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | argumentIndex | | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | calleeAccessPathWithStructuralInfo | | @@ -37312,22 +31124,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | calleeAccessPath | date-fns/esm format | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | calleeAccessPathWithStructuralInfo | date-fns/esm member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | calleeApiName | date-fns/esm | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | receiverName | dateFnsEsm | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | calleeAccessPath | date-fns/esm format | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | calleeAccessPathWithStructuralInfo | date-fns/esm member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | calleeApiName | date-fns/esm | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | receiverName | dateFnsEsm | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | argumentIndex | | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | calleeAccessPathWithStructuralInfo | | @@ -37336,14 +31132,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | calleeAccessPath | date-fns/fp format | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | calleeAccessPathWithStructuralInfo | date-fns/fp member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | calleeApiName | date-fns/fp | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | receiverName | dateFnsFp | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | calleeAccessPath | date-fns/fp format | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | calleeAccessPathWithStructuralInfo | date-fns/fp member format instanceorreturn instanceorreturn | @@ -37360,22 +31148,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | calleeAccessPath | date-fns format | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | calleeAccessPathWithStructuralInfo | date-fns member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | calleeApiName | date-fns | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | receiverName | dateFns | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | calleeAccessPath | date-fns format | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | calleeAccessPathWithStructuralInfo | date-fns member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | calleeApiName | date-fns | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | receiverName | dateFns | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | argumentIndex | | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | calleeAccessPathWithStructuralInfo | | @@ -37384,14 +31156,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | calleeAccessPath | date-fns/fp format | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | calleeAccessPathWithStructuralInfo | date-fns/fp member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | calleeApiName | date-fns/fp | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | receiverName | dateFnsFp | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | calleeAccessPath | date-fns/fp format | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | calleeAccessPathWithStructuralInfo | date-fns/fp member format instanceorreturn instanceorreturn | @@ -37416,14 +31180,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | calleeAccessPath | moment format | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | calleeAccessPathWithStructuralInfo | moment instanceorreturn member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | calleeApiName | moment | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | receiverName | | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | argumentIndex | | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | calleeAccessPathWithStructuralInfo | | @@ -37448,22 +31204,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | calleeAccessPath | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | calleeAccessPathWithStructuralInfo | dateformat instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | calleeApiName | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | calleeName | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | calleeAccessPath | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | calleeAccessPathWithStructuralInfo | dateformat instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | calleeApiName | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | calleeName | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | receiverName | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:15 | 'click | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | encodeU ... nt(loc) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | encodeU ... nt(loc) | receiverName | | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | calleeApiName | | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | calleeName | encodeURIComponent | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | enclosingFunctionBody | loc window location href $ click | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | receiverName | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | argumentIndex | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | calleeAccessPathWithStructuralInfo | | @@ -37728,14 +31460,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | receiverName | | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | calleeApiName | | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | calleeName | decodeURIComponent | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | receiverName | | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | argumentIndex | | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | calleeAccessPathWithStructuralInfo | | @@ -37744,14 +31468,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | receiverName | | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | calleeApiName | | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | calleeName | decodeURIComponent | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | receiverName | | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | argumentIndex | | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | calleeAccessPathWithStructuralInfo | | @@ -37760,14 +31476,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | receiverName | | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | calleeApiName | | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | calleeName | decodeURIComponent | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | receiverName | | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | calleeAccessPathWithStructuralInfo | | @@ -37800,30 +31508,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | receiverName | req | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | calleeAccessPath | jsonwebtoken verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | calleeAccessPathWithStructuralInfo | jsonwebtoken member verify instanceorreturn | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | calleeApiName | jsonwebtoken | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | calleeName | verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | receiverName | jwt | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | calleeAccessPath | jsonwebtoken verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | calleeAccessPathWithStructuralInfo | jsonwebtoken member verify instanceorreturn | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | calleeApiName | jsonwebtoken | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | calleeName | verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | receiverName | jwt | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | argumentIndex | 2 | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | calleeAccessPath | jsonwebtoken verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | calleeAccessPathWithStructuralInfo | jsonwebtoken member verify instanceorreturn | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | calleeApiName | jsonwebtoken | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | calleeName | verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | receiverName | jwt | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | argumentIndex | | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | calleeAccessPathWithStructuralInfo | | @@ -37864,14 +31548,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | enclosingFunctionBody | | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | receiverName | $ | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | calleeAccessPath | jwt-decode | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | calleeAccessPathWithStructuralInfo | jwt-decode instanceorreturn | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | calleeApiName | jwt-decode | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | calleeName | jwt_decode | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | enclosingFunctionName | $.post#functionalargument | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | receiverName | | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | calleeAccessPath | jquery jGrowl | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | calleeAccessPathWithStructuralInfo | jquery member jGrowl instanceorreturn | @@ -38184,14 +31860,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | receiverName | | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | calleeAccessPath | react createContext | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | calleeAccessPathWithStructuralInfo | react member createContext instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | calleeName | createContext | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | enclosingFunctionBody | | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | enclosingFunctionName | | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | receiverName | | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | calleeAccessPathWithStructuralInfo | | @@ -38264,14 +31932,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | enclosingFunctionBody | root context root appendChild window name | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | enclosingFunctionName | foo | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | receiverName | root | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | calleeName | useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | enclosingFunctionName | initialState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | calleeAccessPathWithStructuralInfo | | @@ -38288,22 +31948,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | enclosingFunctionName | initialState | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | calleeName | useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | enclosingFunctionName | setStateValue | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | enclosingFunctionName | setStateValue | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | calleeAccessPathWithStructuralInfo | | @@ -38320,22 +31964,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | enclosingFunctionName | setStateValue | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | calleeName | useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | enclosingFunctionName | setStateValueLazy | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | enclosingFunctionName | setStateValueLazy | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | receiverName | | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | calleeAccessPathWithStructuralInfo | | @@ -38352,22 +31980,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | calleeName | useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | enclosingFunctionName | setStateValueLazy | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | enclosingFunctionName | setStateValueLazy | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | receiverName | | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | calleeAccessPathWithStructuralInfo | | @@ -38376,38 +31988,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | enclosingFunctionName | setStateValueLazy | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | calleeName | useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | enclosingFunctionName | setStateValueSafe | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | enclosingFunctionName | setStateValueSafe | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | enclosingFunctionName | setStateValueSafe | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | receiverName | | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | calleeAccessPathWithStructuralInfo | | @@ -38424,86 +32004,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | enclosingFunctionName | setStateValueSafe | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | calleeAccessPath | express get req query data toString replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | calleeAccessPath | express get req query data toString replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | calleeAccessPath | express get req query data toString replace replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | calleeAccessPath | express get req query data toString replace replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | calleeAccessPath | express get req query data toString replace replace replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | calleeAccessPath | express get req query data toString replace replace replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | enclosingFunctionName | escapeAttr | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | enclosingFunctionName | escapeAttr | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | enclosingFunctionName | escapeAttr | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | enclosingFunctionName | escapeAttr | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | receiverName | | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:30 | "' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:39:35:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:39:35:44 | '' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | calleeName | exec | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | receiverName | regex | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | argumentIndex | | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | calleeAccessPathWithStructuralInfo | | @@ -38872,14 +32364,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | calleeName | exec | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | receiverName | regex | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | argumentIndex | | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | calleeAccessPathWithStructuralInfo | | @@ -38952,22 +32436,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | receiverName | tainted | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | receiverName | tainted | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | calleeAccessPathWithStructuralInfo | | @@ -39480,22 +32948,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | enclosingFunctionBody | | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | receiverName | document | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | calleeName | parse | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | enclosingFunctionBody | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | enclosingFunctionName | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | receiverName | JSON | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | calleeName | decodeURIComponent | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | enclosingFunctionBody | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | enclosingFunctionName | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | receiverName | | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | calleeAccessPathWithStructuralInfo | | @@ -40288,14 +33740,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | receiverName | document | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | calleeName | exec | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | enclosingFunctionName | tst | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | receiverName | | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | calleeAccessPathWithStructuralInfo | | @@ -41552,22 +34996,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | enclosingFunctionName | nonGlobalSanitizer | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | receiverName | | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | calleeName | replace | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | enclosingFunctionName | nonGlobalSanitizer | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | receiverName | target | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | enclosingFunctionName | nonGlobalSanitizer | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | receiverName | target | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | calleeAccessPathWithStructuralInfo | | @@ -41584,22 +35012,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | enclosingFunctionName | nonGlobalSanitizer | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | receiverName | | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | calleeName | replace | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | enclosingFunctionName | nonGlobalSanitizer | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | receiverName | target | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | enclosingFunctionName | nonGlobalSanitizer | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | receiverName | target | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | argumentIndex | | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | calleeAccessPathWithStructuralInfo | | @@ -41712,14 +35124,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | receiverName | | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | calleeApiName | | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | calleeName | cb | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | enclosingFunctionName | | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | receiverName | | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | argumentIndex | | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | calleeAccessPathWithStructuralInfo | | @@ -41832,14 +35236,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | receiverName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | calleeApiName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | calleeName | concat | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | receiverName | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | calleeAccessPathWithStructuralInfo | | @@ -41960,14 +35356,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | receiverName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | calleeApiName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | calleeName | concat | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | receiverName | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:41 | ["
' | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | receiverName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | calleeApiName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | calleeName | concat | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | receiverName | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | calleeAccessPathWithStructuralInfo | | @@ -42080,14 +35460,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | receiverName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | calleeName | concat | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | receiverName | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | calleeAccessPathWithStructuralInfo | | @@ -42168,14 +35540,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | receiverName | xhr | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | calleeApiName | | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | calleeName | parse | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | enclosingFunctionName | ready#functionalargument | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | receiverName | JSON | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | calleeAccessPathWithStructuralInfo | | @@ -43008,14 +36372,6 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | receiverName | $ | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | argumentIndex | 0 | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | calleeAccessPath | | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | calleeApiName | | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | calleeName | parse | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | enclosingFunctionName | | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | receiverName | JSON | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | argumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | calleeAccessPath | | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | calleeAccessPathWithStructuralInfo | | @@ -43136,14 +36492,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | receiverName | app | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | calleeAccessPath | markdown-table | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | calleeAccessPathWithStructuralInfo | markdown-table instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | calleeApiName | markdown-table | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | calleeName | table | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | receiverName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | argumentIndex | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | calleeAccessPath | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | calleeAccessPathWithStructuralInfo | | @@ -43216,14 +36564,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | receiverName | app | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | calleeAccessPath | showdown Converter makeHtml | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | calleeAccessPathWithStructuralInfo | showdown member Converter instanceorreturn member makeHtml instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | calleeApiName | showdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | calleeName | makeHtml | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | receiverName | converter | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | calleeAccessPath | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | calleeAccessPathWithStructuralInfo | | @@ -43376,30 +36716,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | calleeAccessPath | unified use use use use use process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | calleeAccessPathWithStructuralInfo | unified instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member process instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | calleeApiName | unified | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | calleeName | process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | argumentIndex | 1 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | calleeAccessPath | unified use use use use use process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | calleeAccessPathWithStructuralInfo | unified instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member process instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | calleeApiName | unified | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | calleeName | process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | calleeAccessPath | remark processSync | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | calleeAccessPathWithStructuralInfo | remark instanceorreturn member processSync instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | calleeApiName | remark | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | calleeName | processSync | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | receiverName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | calleeAccessPath | remark use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | calleeAccessPathWithStructuralInfo | remark instanceorreturn member use instanceorreturn | @@ -43424,30 +36740,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | calleeAccessPath | unified use processSync | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | calleeAccessPathWithStructuralInfo | unified instanceorreturn member use instanceorreturn member processSync instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | calleeApiName | unified | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | calleeName | processSync | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | calleeAccessPath | remark process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | calleeAccessPathWithStructuralInfo | remark instanceorreturn member process instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | calleeApiName | remark | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | calleeName | process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | argumentIndex | 1 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | calleeAccessPath | remark process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | calleeAccessPathWithStructuralInfo | remark instanceorreturn member process instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | calleeApiName | remark | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | calleeName | process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | receiverName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | calleeAccessPath | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | calleeAccessPathWithStructuralInfo | | @@ -43472,22 +36764,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | receiverName | app | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | calleeAccessPath | snarkdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | calleeAccessPathWithStructuralInfo | snarkdown instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | calleeApiName | snarkdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | calleeName | snarkdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | calleeAccessPath | snarkdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | calleeAccessPathWithStructuralInfo | snarkdown instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | calleeApiName | snarkdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | calleeName | snarkdown2 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | receiverName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | calleeAccessPath | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | calleeAccessPathWithStructuralInfo | | @@ -43584,14 +36860,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | receiverName | app | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | calleeAccessPath | markdown-it render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member render instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | calleeApiName | markdown-it | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | calleeName | render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | receiverName | markdownIt | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | calleeAccessPath | markdown-it render | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member render instanceorreturn | @@ -43600,14 +36868,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | receiverName | markdownIt2 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | calleeAccessPath | markdown-it use render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member use instanceorreturn member render instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | calleeApiName | markdown-it | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | calleeName | render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | receiverName | markdownIt3 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | calleeAccessPath | markdown-it use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member use instanceorreturn | @@ -43656,14 +36916,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | calleeAccessPath | markdown-it use use render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member use instanceorreturn member use instanceorreturn member render instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | calleeApiName | markdown-it | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | calleeName | render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | receiverName | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | calleeAccessPath | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | calleeAccessPathWithStructuralInfo | | @@ -44000,22 +37252,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | calleeAccessPath | url parse | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | calleeApiName | url | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | calleeName | parse | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | enclosingFunctionName | createServer#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | receiverName | url | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | argumentIndex | 1 | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | calleeAccessPath | url parse | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | calleeApiName | url | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | calleeName | parse | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | enclosingFunctionName | createServer#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | receiverName | url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | calleeAccessPath | http createServer resp writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | calleeAccessPathWithStructuralInfo | http member createServer functionalarg param resp member writeHead instanceorreturn | @@ -44432,14 +37668,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | receiverName | app | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | calleeAccessPath | | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | calleeApiName | | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | calleeName | exec | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | enclosingFunctionName | escapeHtml2 | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | receiverName | matchHtmlRegExp | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | calleeAccessPath | express get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get instanceorreturn | @@ -45272,14 +38500,6 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | enclosingFunctionName | xssThroughMarkdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | receiverName | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | argumentIndex | 0 | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | calleeAccessPath | markdown-it render | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member render instanceorreturn | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | calleeApiName | markdown-it | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | calleeName | render | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | enclosingFunctionName | xssThroughMarkdown | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | receiverName | markdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | argumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | calleeAccessPath | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | calleeAccessPathWithStructuralInfo | | @@ -45560,22 +38780,6 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | receiverName | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | argumentIndex | 0 | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | calleeAccessPath | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | calleeApiName | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | calleeName | replace | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | enclosingFunctionName | guards | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | receiverName | attrVal | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | argumentIndex | 1 | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | calleeAccessPath | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | calleeApiName | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | calleeName | replace | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | enclosingFunctionName | guards | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | receiverName | attrVal | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | argumentIndex | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | calleeAccessPath | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | calleeAccessPathWithStructuralInfo | | @@ -46416,22 +39620,6 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | enclosingFunctionBody | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | receiverName | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | argumentIndex | 0 | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | calleeAccessPath | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | calleeApiName | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | calleeName | replace | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | enclosingFunctionBody | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | enclosingFunctionName | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | receiverName | something | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | argumentIndex | 1 | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | calleeAccessPath | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | calleeApiName | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | calleeName | replace | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | enclosingFunctionBody | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | enclosingFunctionName | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | receiverName | something | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | argumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | calleeAccessPath | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | calleeAccessPathWithStructuralInfo | | @@ -47568,14 +40756,6 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | enclosingFunctionName | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | argumentIndex | 0 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | calleeAccessPath | anser ansiToHtml | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | calleeAccessPathWithStructuralInfo | anser member ansiToHtml instanceorreturn | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | calleeApiName | anser | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | calleeName | ansiToHtml | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | receiverName | anser | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | argumentIndex | 0 | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | calleeAccessPath | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | calleeAccessPathWithStructuralInfo | | @@ -47592,14 +40772,6 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | enclosingFunctionName | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | argumentIndex | 0 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | calleeAccessPath | anser process | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | calleeAccessPathWithStructuralInfo | anser instanceorreturn member process instanceorreturn | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | calleeApiName | anser | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | calleeName | process | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | receiverName | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | argumentIndex | 0 | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | calleeAccessPath | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | calleeAccessPathWithStructuralInfo | | @@ -47656,38 +40828,6 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | enclosingFunctionName | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | argumentIndex | 0 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | calleeAccessPath | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | calleeApiName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | calleeName | replace | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | argumentIndex | 1 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | calleeAccessPath | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | calleeApiName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | calleeName | replace | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | argumentIndex | 0 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | calleeAccessPath | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | calleeApiName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | calleeName | replace | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | argumentIndex | 1 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | calleeAccessPath | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | calleeApiName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | calleeName | replace | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | receiverName | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | argumentIndex | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | calleeAccessPath | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | calleeAccessPathWithStructuralInfo | | diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointDataEvaluation.expected b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointDataEvaluation.expected index b4ced5a634d..a80c206b9c3 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointDataEvaluation.expected +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointDataEvaluation.expected @@ -55,22 +55,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -131,22 +115,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -395,22 +363,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | SqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | Xss | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -979,22 +931,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | Xss | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | Xss | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | Xss | hasFlowFromSource | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -3143,22 +3079,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | SqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | Xss | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -3243,22 +3163,6 @@ endpoints | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | Xss | isConstantExpression | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | Xss | sinkLabel | Unknown | string | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -4847,74 +4751,10 @@ endpoints | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -4951,38 +4791,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5083,386 +4891,50 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5603,22 +5075,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5627,22 +5083,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5651,22 +5091,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5775,38 +5199,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5823,38 +5215,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -5939,110 +5299,14 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6063,110 +5327,14 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6187,38 +5355,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6243,38 +5379,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6327,22 +5431,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6363,22 +5451,6 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | Xss | isConstantExpression | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -6419,838 +5491,86 @@ endpoints | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7351,74 +5671,10 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7455,22 +5711,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7487,74 +5727,10 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7591,22 +5767,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7747,22 +5907,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7839,22 +5983,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -7979,22 +6107,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8059,22 +6171,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8167,38 +6263,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8227,74 +6291,10 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8331,38 +6331,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8427,38 +6395,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8523,22 +6459,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8627,22 +6547,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8835,22 +6739,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -8963,22 +6851,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9007,22 +6879,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9083,54 +6939,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9139,38 +6947,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9211,22 +6987,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9363,58 +7123,10 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9443,70 +7155,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9535,70 +7183,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9627,86 +7211,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9735,86 +7239,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -9939,38 +7363,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10087,42 +7479,10 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10187,38 +7547,6 @@ endpoints | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10331,38 +7659,6 @@ endpoints | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10431,38 +7727,6 @@ endpoints | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10551,38 +7815,6 @@ endpoints | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10711,38 +7943,6 @@ endpoints | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -10811,38 +8011,6 @@ endpoints | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -11199,22 +8367,6 @@ endpoints | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | Xss | isConstantExpression | true | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -11227,110 +8379,14 @@ endpoints | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -11359,38 +8415,6 @@ endpoints | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -11551,78 +8575,14 @@ endpoints | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | TaintedPath | sinkLabel | Sink | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -11879,38 +8839,6 @@ endpoints | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | Xss | sinkLabel | Unknown | string | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | TaintedPath | hasFlowFromSource | true | boolean | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | TaintedPath | isConstantExpression | false | boolean | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12315,22 +9243,6 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12347,22 +9259,6 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12379,42 +9275,10 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | SqlInjection | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | SqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12439,42 +9303,10 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12487,22 +9319,6 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12519,22 +9335,6 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12551,22 +9351,6 @@ endpoints | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12727,22 +9511,6 @@ endpoints | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12767,94 +9535,14 @@ endpoints | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12875,58 +9563,10 @@ endpoints | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -12963,22 +9603,6 @@ endpoints | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -13003,38 +9627,6 @@ endpoints | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:15 | 'click' | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -13315,62 +9891,14 @@ endpoints | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -13419,54 +9947,6 @@ endpoints | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -13555,22 +10035,6 @@ endpoints | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | Xss | notASinkReason | ClientRequest | string | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | Xss | notASinkReason | JQueryArgument | string | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14051,22 +10515,6 @@ endpoints | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | Xss | notASinkReason | DOM | string | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | SqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | SqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14155,22 +10603,6 @@ endpoints | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14179,34 +10611,6 @@ endpoints | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | TaintedPath | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14215,34 +10619,6 @@ endpoints | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | TaintedPath | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14251,90 +10627,10 @@ endpoints | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | TaintedPath | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | TaintedPath | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14343,166 +10639,6 @@ endpoints | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:30 | "' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:39:35:44 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:39:35:44 | '' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14747,22 +10867,6 @@ endpoints | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -14799,38 +10903,6 @@ endpoints | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -15539,38 +11611,6 @@ endpoints | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | Xss | notASinkReason | DOM | string | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -16575,22 +12615,6 @@ endpoints | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18291,38 +14315,6 @@ endpoints | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18347,38 +14339,6 @@ endpoints | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18603,22 +14563,6 @@ endpoints | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | SqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | SqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18707,22 +14651,6 @@ endpoints | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | Xss | notASinkReason | ConstantReceiver | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18799,22 +14727,6 @@ endpoints | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | Xss | notASinkReason | ConstantReceiver | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:41 | ["
' | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -18915,22 +14811,6 @@ endpoints | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | Xss | notASinkReason | ConstantReceiver | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | Xss | hasFlowFromSource | true | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -19043,22 +14923,6 @@ endpoints | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -20479,22 +16343,6 @@ endpoints | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | Xss | notASinkReason | JQueryArgument | string | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | Xss | sinkLabel | NotASink | string | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -20707,18 +16555,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | SqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | SqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -20827,18 +16663,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21019,54 +16843,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21115,54 +16891,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | TaintedPath | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21199,38 +16927,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21367,18 +17063,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21391,18 +17075,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | NosqlInjection | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -21471,18 +17143,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | TaintedPath | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | TaintedPath | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | @@ -22027,38 +17687,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | SqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | SqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -22739,22 +18367,6 @@ endpoints | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | NosqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | SqlInjection | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | TaintedPath | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | Xss | hasFlowFromSource | true | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -24007,18 +19619,6 @@ endpoints | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -24287,38 +19887,6 @@ endpoints | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -25123,38 +20691,6 @@ endpoints | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -27203,18 +22739,6 @@ endpoints | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -27239,22 +22763,6 @@ endpoints | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | NosqlInjection | hasFlowFromSource | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | NosqlInjection | isConstantExpression | true | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | @@ -27331,70 +22839,6 @@ endpoints | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | Xss | isConstantExpression | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | Xss | sinkLabel | Sink | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | NosqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | SqlInjection | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | TaintedPath | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | Xss | isConstantExpression | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | Xss | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | NosqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | NosqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | NosqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | SqlInjection | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | SqlInjection | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | SqlInjection | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | TaintedPath | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | TaintedPath | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | TaintedPath | sinkLabel | Unknown | string | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | Xss | hasFlowFromSource | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | Xss | isConstantExpression | true | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | Xss | isExcludedFromEndToEndEvaluation | false | boolean | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | Xss | sinkLabel | Unknown | string | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | Xss | hasFlowFromSource | false | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | Xss | isConstantExpression | true | boolean | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | @@ -27728,14 +23172,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | enclosingFunctionName | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:12:19:15:1 | (req, r ... OT OK\\n} | receiverName | app | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | enclosingFunctionBody | req res v JSON parse req body x getCollection find id v | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | enclosingFunctionName | app.post#functionalargument | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:13:22:13:31 | req.body.x | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | calleeAccessPath | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } | calleeAccessPathWithStructuralInfo | | @@ -27768,14 +23204,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | enclosingFunctionName | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:20:19:24:1 | (req, r ... OT OK\\n} | receiverName | app | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | enclosingFunctionBody | req res v JSON parse req body x getMongooseModel find id v getMongooseQuery find id v | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | enclosingFunctionName | app.post#functionalargument | -| autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:21:22:21:31 | req.body.x | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | calleeAccessPath | | | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } | calleeAccessPathWithStructuralInfo | | @@ -27912,14 +23340,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) | receiverName | | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | enclosingFunctionBody | req res MongoClient connect mongodb://localhost:27017/test err db doc db collection doc query JSON parse req query data checkSchema query doc find query ajv validate schema query doc find query validate query doc find query doc find query | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | enclosingFunctionName | app.post#functionalargument | -| autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:34:25:47 | req.query.data | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | calleeAccessPath | ajv compile | | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query | calleeAccessPathWithStructuralInfo | ajv instanceorreturn member compile instanceorreturn instanceorreturn | @@ -28384,14 +23804,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | enclosingFunctionName | app.post#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:27:32:43 | JSON.parse(title) | receiverName | | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | enclosingFunctionBody | req res query query title req body title MongoClient connect mongodb://localhost:27017/test err db doc db collection doc doc find query doc find title query body title doc find title query body title substr 1 title req body title title string doc find title title doc find title JSON parse title | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | enclosingFunctionName | app.post#functionalargument | -| autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:32:38:32:42 | title | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | calleeAccessPath | express get | | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:37:9:37:14 | '/:id' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get instanceorreturn | @@ -30000,14 +25412,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | enclosingFunctionName | app.get#functionalargument | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} | receiverName | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | enclosingFunctionBody | req res query query title JSON parse req query data title Document find query | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | enclosingFunctionName | app.get#functionalargument | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:20:30:20:43 | req.query.data | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | calleeAccessPath | mongoose model find | | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:23:19:23:23 | query | calleeAccessPathWithStructuralInfo | mongoose member model instanceorreturn member find instanceorreturn | @@ -30056,14 +25460,6 @@ tokenFeatures | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | enclosingFunctionBody | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | enclosingFunctionName | | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:9:19:14:1 | (req, r ... // OK\\n} | receiverName | app | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | argumentIndex | 0 | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | calleeAccessPath | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | calleeAccessPathWithStructuralInfo | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | calleeApiName | | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | calleeName | parse | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | enclosingFunctionBody | req res v JSON parse req body x MyModel find id v MyModel find id req body id MyModel find id req body id | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | enclosingFunctionName | app.post#functionalargument | -| autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:10:22:10:31 | req.body.x | receiverName | JSON | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | argumentIndex | 0 | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | calleeAccessPath | mongoose model find | | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:16:11:24 | { id: v } | calleeAccessPathWithStructuralInfo | mongoose member model instanceorreturn member find instanceorreturn | @@ -31312,22 +26708,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath-es6.js:6:27:11:1 | functio ... h)));\\n} | receiverName | | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | enclosingFunctionName | createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:20:7:26 | req.url | receiverName | | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | enclosingFunctionName | createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath-es6.js:7:29:7:32 | true | receiverName | | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31336,22 +26716,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | enclosingFunctionName | createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath-es6.js:10:26:10:45 | join("public", path) | receiverName | | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | calleeName | join | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | enclosingFunctionName | createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:31:10:38 | "public" | receiverName | | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | calleeName | join | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | enclosingFunctionBody | req res path parse req url true query path res write readFileSync join public path | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | enclosingFunctionName | createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath-es6.js:10:41:10:44 | path | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:1:18:1:21 | 'fs' | calleeAccessPathWithStructuralInfo | | @@ -31400,22 +26764,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:8:32:61:1 | functio ... h)));\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:9:24:9:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:9:33:9:36 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:12:29:12:32 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31520,22 +26868,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:36:29:36:32 | path | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:38:20:38:26 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:38:29:38:32 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31544,14 +26876,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:40:29:40:53 | pathMod ... e(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | calleeAccessPath | path basename | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | calleeAccessPathWithStructuralInfo | path member basename instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | calleeName | basename | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:40:49:40:52 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31560,14 +26884,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:42:29:42:52 | pathMod ... e(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | calleeAccessPath | path dirname | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | calleeAccessPathWithStructuralInfo | path member dirname instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | calleeName | dirname | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:42:48:42:51 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31576,14 +26892,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:44:29:44:52 | pathMod ... e(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | calleeAccessPath | path extname | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | calleeAccessPathWithStructuralInfo | path member extname instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | calleeName | extname | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:44:48:44:51 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31592,14 +26900,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:46:29:46:49 | pathMod ... n(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | calleeName | join | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:46:45:46:48 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31608,38 +26908,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:48:29:48:58 | pathMod ... ath, z) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | calleeName | join | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:48:45:48:45 | x | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | calleeName | join | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:48:48:48:48 | y | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | argumentIndex | 2 | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | calleeName | join | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:48:51:48:54 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | argumentIndex | 3 | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | calleeAccessPath | path join | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | calleeName | join | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:48:57:48:57 | z | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31648,14 +26916,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:50:29:50:54 | pathMod ... e(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:50:50:50:53 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31664,22 +26924,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:52:29:52:56 | pathMod ... , path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | calleeAccessPath | path relative | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | calleeName | relative | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:52:49:52:49 | x | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | calleeAccessPath | path relative | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | calleeName | relative | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:52:52:52:55 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31688,22 +26932,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:54:29:54:56 | pathMod ... ath, x) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | calleeAccessPath | path relative | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | calleeName | relative | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:54:49:54:52 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | calleeAccessPath | path relative | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | calleeName | relative | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:54:55:54:55 | x | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31712,14 +26940,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:56:29:56:52 | pathMod ... e(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | calleeName | resolve | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:56:48:56:51 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31728,38 +26948,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:58:29:58:61 | pathMod ... ath, z) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | calleeName | resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:58:48:58:48 | x | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | calleeName | resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:58:51:58:51 | y | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | argumentIndex | 2 | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | calleeName | resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:58:54:58:57 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | argumentIndex | 3 | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | calleeName | resolve | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:58:60:58:60 | z | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31768,14 +26956,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:60:29:60:61 | pathMod ... h(path) | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | calleeAccessPath | path toNamespacedPath | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | calleeAccessPathWithStructuralInfo | path member toNamespacedPath instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | calleeName | toNamespacedPath | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path res write fs readFileSync /home/user/ path path startsWith /home/user/ res write fs readFileSync path path indexOf secret 1 res write fs readFileSync path fs existsSync path res write fs readFileSync path path foo.txt res write fs readFileSync path path foo.txt path bar.txt res write fs readFileSync path path foo.txt path bar.txt someOpaqueCondition res write fs readFileSync path path sanitize path res write fs readFileSync path path url parse req url true query path res write fs readFileSync pathModule basename path res write fs readFileSync pathModule dirname path res write fs readFileSync pathModule extname path res write fs readFileSync pathModule join path res write fs readFileSync pathModule join x y path z res write fs readFileSync pathModule normalize path res write fs readFileSync pathModule relative x path res write fs readFileSync pathModule relative path x res write fs readFileSync pathModule resolve path res write fs readFileSync pathModule resolve x y path z res write fs readFileSync pathModule toNamespacedPath path | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:60:57:60:60 | path | receiverName | pathModule | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:63:16:63:22 | 'myApp' | calleeAccessPathWithStructuralInfo | | @@ -31872,14 +27052,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:77:39:77:54 | "querystringify" | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | calleeAccessPath | querystringify parse | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | calleeAccessPathWithStructuralInfo | querystringify member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | calleeApiName | querystringify | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:77:63:77:69 | req.url | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:78:31:78:74 | require ... ).query | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31896,14 +27068,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:78:39:78:52 | "query-string" | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | calleeAccessPath | query-string parse | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | calleeAccessPathWithStructuralInfo | query-string member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | calleeApiName | query-string | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:78:61:78:67 | req.url | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:79:31:79:73 | require ... ).query | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -31920,14 +27084,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:79:39:79:51 | "querystring" | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | calleeAccessPath | querystring parse | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | calleeAccessPathWithStructuralInfo | querystring member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | calleeApiName | querystring | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | enclosingFunctionBody | req res res write fs readFileSync require querystringify parse req url query res write fs readFileSync require query-string parse req url query res write fs readFileSync require querystring parse req url query | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:79:60:79:66 | req.url | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:84:27:84:35 | 'express' | calleeAccessPathWithStructuralInfo | | @@ -32000,22 +27156,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:95:29:97:1 | (ev) => ... ata);\\n} | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | calleeAccessPath | | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | calleeApiName | | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | calleeName | set | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | enclosingFunctionBody | ev Cookie set unsafe ev data | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | enclosingFunctionName | addEventListener#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:96:14:96:21 | "unsafe" | receiverName | Cookie | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | calleeAccessPath | | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | calleeApiName | | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | calleeName | set | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | enclosingFunctionBody | ev Cookie set unsafe ev data | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | enclosingFunctionName | addEventListener#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:96:24:96:30 | ev.data | receiverName | Cookie | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | calleeAccessPath | http createServer | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | calleeAccessPathWithStructuralInfo | http member createServer instanceorreturn | @@ -32024,22 +27164,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:99:32:109:1 | functio ... );\\n\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:100:23:100:29 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync fs realpathSync path fs realpath path err realpath res write fs readFileSync realpath | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:100:32:100:35 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:102:28:102:48 | fs.real ... c(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32088,22 +27212,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:111:32:120:1 | functio ... bove.\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:112:24:112:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:112:33:112:36 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | argumentIndex | | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | | @@ -32112,22 +27220,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:115:25:115:46 | /[\\]\\[* ... \\?\\/]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:115:49:115:50 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | argumentIndex | | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | | @@ -32136,22 +27228,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | calleeAccessPath | url parse query path replace replace | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:116:25:116:31 | /\\.\\./g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | calleeAccessPath | url parse query path replace replace | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:116:34:116:35 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:119:29:119:32 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32168,22 +27244,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:122:32:133:1 | functio ... bove.\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:123:24:123:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:123:33:123:36 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | argumentIndex | | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | | @@ -32192,22 +27252,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:128:24:128:45 | /[\\]\\[* ... \\?\\/]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:128:48:128:49 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | argumentIndex | | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | | @@ -32216,22 +27260,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | calleeAccessPath | url parse query path replace replace | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:129:25:129:31 | /\\.\\./g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | calleeAccessPath | url parse query path replace replace | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | enclosingFunctionBody | req res path url parse req url true query path path path path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g path path replace /\\.\\./g res write fs readFileSync path | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:129:34:129:35 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:132:29:132:32 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32248,22 +27276,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:135:32:139:1 | functio ... OT OK\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | enclosingFunctionBody | req res path url parse req url true query path require send req path | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:136:23:136:29 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | enclosingFunctionBody | req res path url parse req url true query path require send req path | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:136:32:136:35 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | calleeAccessPath | | | autogenerated/TaintedPath/TaintedPath.js:138:10:138:15 | 'send' | calleeAccessPathWithStructuralInfo | | @@ -32288,22 +27300,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:141:32:163:1 | functio ... OK \\n\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:142:24:142:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:142:33:142:36 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:144:19:144:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32360,14 +27356,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:153:19:153:35 | prefix + split[x] | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | calleeAccessPath | | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | calleeApiName | | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | calleeName | concat | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:155:33:155:37 | split | receiverName | prefix | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:156:19:156:37 | concatted.join("/") | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32384,14 +27372,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:156:34:156:36 | "/" | receiverName | concatted | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | calleeAccessPath | url parse query path split concat | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member split instanceorreturn member concat instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | calleeName | concat | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path split path split / fs readFileSync split join / fs readFileSync prefix split split length 1 fs readFileSync split x fs readFileSync prefix split x concatted prefix concat split fs readFileSync concatted join / concatted2 split concat prefix fs readFileSync concatted2 join / fs readFileSync split pop | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:158:33:158:38 | prefix | receiverName | split | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:159:19:159:38 | concatted2.join("/") | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32424,22 +27404,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/TaintedPath.js:165:32:196:1 | functio ... lute)\\n} | receiverName | http | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:166:24:166:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | calleeName | parse | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:166:33:166:36 | true | receiverName | url | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32448,22 +27412,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:169:29:169:68 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:169:42:169:63 | /[\\]\\[* ... \\?\\/]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:169:66:169:67 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32472,22 +27420,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:170:29:170:55 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:170:42:170:50 | /[abcd]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:170:53:170:54 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32496,22 +27428,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:171:29:171:53 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:171:42:171:48 | /[./]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:171:51:171:52 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32520,22 +27436,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:172:29:172:64 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:172:42:172:59 | /[foobar/foobar]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:172:62:172:63 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32544,22 +27444,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:173:29:173:51 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:173:42:173:46 | /\\//g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:173:49:173:50 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32568,22 +27452,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:174:29:174:54 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:174:42:174:49 | /\\.\|\\//g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:174:52:174:53 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32592,22 +27460,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:176:29:176:52 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:176:42:176:47 | /[.]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:176:50:176:51 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32616,22 +27468,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:177:29:177:53 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:177:42:177:48 | /[..]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:177:51:177:52 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32640,22 +27476,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:178:29:178:51 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:178:42:178:46 | /\\./g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:178:49:178:50 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32664,22 +27484,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:179:29:179:57 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:179:42:179:52 | /\\.\\.\|BLA/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:179:55:179:56 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32688,22 +27492,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:182:31:182:54 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:182:44:182:49 | /[.]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:182:52:182:53 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32712,22 +27500,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:183:30:183:54 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:183:43:183:49 | /[..]/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:183:52:183:53 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32736,22 +27508,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:184:31:184:53 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:184:44:184:48 | /\\./g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:184:51:184:52 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32760,22 +27516,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:185:30:185:58 | path.re ... /g, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:185:43:185:53 | /\\.\\.\|BLA/g | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:185:56:185:57 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32784,30 +27524,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:189:29:189:95 | "prefix ... +/, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:189:61:189:64 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:189:75:189:90 | /^(\\.\\.[\\/\\\\])+/ | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:189:93:189:94 | '' | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32816,30 +27532,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:190:29:190:94 | "prefix ... +/, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:190:61:190:64 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:190:75:190:89 | /(\\.\\.[\\/\\\\])+/ | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:190:92:190:93 | '' | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32848,30 +27540,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:191:29:191:90 | "prefix ... +/, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:191:61:191:64 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:191:75:191:85 | /(\\.\\.\\/)+/ | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:191:88:191:89 | '' | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32880,30 +27548,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:192:29:192:90 | "prefix ... */, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:192:61:192:64 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:192:75:192:85 | /(\\.\\.\\/)*/ | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:192:88:192:89 | '' | receiverName | | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32912,22 +27556,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:194:29:194:73 | "prefix ... +/, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:194:53:194:68 | /^(\\.\\.[\\/\\\\])+/ | receiverName | path | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | calleeAccessPath | url parse query path replace | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | calleeApiName | url | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:194:71:194:72 | '' | receiverName | path | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | argumentIndex | 0 | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -32936,30 +27564,6 @@ tokenFeatures | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/TaintedPath.js:195:29:195:84 | pathMod ... +/, '') | receiverName | fs | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | calleeName | normalize | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:195:50:195:53 | path | receiverName | pathModule | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | argumentIndex | 0 | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:195:64:195:79 | /^(\\.\\.[\\/\\\\])+/ | receiverName | | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | calleeApiName | path | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | calleeName | replace | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path replace /[\\]\\[*,;'"`<>\\\\?\\/]/g res write fs readFileSync path replace /[abcd]/g res write fs readFileSync path replace /[./]/g res write fs readFileSync path replace /[foobar/foobar]/g res write fs readFileSync path replace /\\//g res write fs readFileSync path replace /\\.\|\\//g res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g pathModule isAbsolute path res write fs readFileSync path replace /[.]/g res write fs readFileSync path replace /[..]/g res write fs readFileSync path replace /\\./g res write fs readFileSync path replace /\\.\\.\|BLA/g res write fs readFileSync prefix pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.[\\/\\\\])+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)+/ res write fs readFileSync prefix pathModule normalize path replace /(\\.\\.\\/)*/ res write fs readFileSync prefix path replace /^(\\.\\.[\\/\\\\])+/ res write fs readFileSync pathModule normalize path replace /^(\\.\\.[\\/\\\\])+/ | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/TaintedPath.js:195:82:195:83 | '' | receiverName | | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | argumentIndex | 0 | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | calleeAccessPath | | | autogenerated/TaintedPath/my-async-fs-module.js:1:20:1:23 | 'fs' | calleeAccessPathWithStructuralInfo | | @@ -33088,22 +27692,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:16:19:16:53 | pathMod ... .html') | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:16:35:16:38 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:16:41:16:52 | 'index.html' | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33112,22 +27700,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:17:19:17:57 | pathMod ... , path) | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:17:35:17:50 | '/home/user/www' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | enclosingFunctionBody | req res path req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:17:53:17:56 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | calleeAccessPath | express get | | autogenerated/TaintedPath/normalizedPaths.js:20:9:20:20 | '/normalize' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get instanceorreturn | @@ -33152,14 +27724,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:21:35:21:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:23:19:23:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33192,22 +27756,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:26:19:26:53 | pathMod ... .html') | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:26:35:26:38 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:26:41:26:52 | 'index.html' | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33216,22 +27764,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:27:19:27:57 | pathMod ... , path) | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:27:35:27:50 | '/home/user/www' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | enclosingFunctionBody | req res path pathModule normalize req query path fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html fs readFileSync pathModule join path index.html fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:27:53:27:56 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | calleeAccessPath | express get | | autogenerated/TaintedPath/normalizedPaths.js:30:9:30:32 | '/norma ... solute' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get instanceorreturn | @@ -33256,14 +27788,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path fs readFileSync path path startsWith . fs readFileSync path fs readFileSync path path startsWith .. fs readFileSync path path startsWith ../ fs readFileSync path path startsWith .. pathModule sep fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:31:35:31:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:36:19:36:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33368,14 +27892,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync ./ path fs readFileSync path /index.html pathModule isAbsolute path fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:54:35:54:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | calleeAccessPath | path normalize startsWith | | autogenerated/TaintedPath/normalizedPaths.js:56:23:56:26 | ".." | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member startsWith instanceorreturn | @@ -33448,14 +27964,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | enclosingFunctionBody | req res path pathModule normalize ./ req query path path startsWith .. fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:73:35:73:55 | './' + ... ry.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | calleeAccessPath | path normalize startsWith | | autogenerated/TaintedPath/normalizedPaths.js:75:24:75:27 | ".." | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member startsWith instanceorreturn | @@ -33544,14 +28052,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path res write fs readFileSync path path startsWith /home/user/www res write fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:94:35:94:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:99:29:99:32 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33600,14 +28100,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path path startsWith /home/user/www fs readFileSync path path 0 0 / path 0 0 . fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:106:35:106:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | calleeAccessPath | path normalize startsWith | | autogenerated/TaintedPath/normalizedPaths.js:109:23:109:38 | "/home/user/www" | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member startsWith instanceorreturn | @@ -33680,22 +28172,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:120:19:120:53 | pathMod ... .html') | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:120:35:120:38 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:120:41:120:52 | 'index.html' | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | calleeAccessPath | fs realpathSync startsWith | | autogenerated/TaintedPath/normalizedPaths.js:122:23:122:38 | "/home/user/www" | calleeAccessPathWithStructuralInfo | fs member realpathSync instanceorreturn member startsWith instanceorreturn | @@ -33720,22 +28196,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:125:19:125:44 | pathMod ... , path) | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:125:35:125:37 | '.' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:125:40:125:43 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -33744,22 +28204,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:126:19:126:57 | pathMod ... , path) | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:126:35:126:50 | '/home/user/www' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | enclosingFunctionBody | req res path fs realpathSync req query path fs readFileSync path fs readFileSync pathModule join path index.html path startsWith /home/user/www fs readFileSync path fs readFileSync pathModule join . path fs readFileSync pathModule join /home/user/www path | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:126:53:126:56 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | calleeAccessPath | express get | | autogenerated/TaintedPath/normalizedPaths.js:129:9:129:26 | '/coerce-relative' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get instanceorreturn | @@ -33784,22 +28228,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:130:30:130:32 | '.' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | enclosingFunctionBody | req res path pathModule join . req query path path startsWith .. fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:130:35:130:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | calleeAccessPath | path join startsWith | | autogenerated/TaintedPath/normalizedPaths.js:132:24:132:27 | '..' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn member startsWith instanceorreturn | @@ -33848,22 +28276,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:139:30:139:45 | '/home/user/www' | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | enclosingFunctionBody | req res path pathModule join /home/user/www req query path path startsWith /home/user/www fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:139:48:139:61 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | calleeAccessPath | path join startsWith | | autogenerated/TaintedPath/normalizedPaths.js:141:23:141:38 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn member startsWith instanceorreturn | @@ -33912,14 +28324,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | enclosingFunctionBody | req res path foo/ pathModule normalize req query path path startsWith .. fs readFileSync path fs readFileSync path path includes .. fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:148:44:148:57 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | calleeAccessPath | | | autogenerated/TaintedPath/normalizedPaths.js:150:24:150:27 | '..' | calleeAccessPathWithStructuralInfo | | @@ -33984,14 +28388,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path path includes .. fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:160:35:160:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | calleeAccessPath | path normalize includes | | autogenerated/TaintedPath/normalizedPaths.js:162:21:162:24 | '..' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member includes instanceorreturn | @@ -34136,14 +28532,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:199:21:199:24 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | enclosingFunctionBody | req res path req query path pathModule isAbsolute path path path path startsWith / path path path startsWith /x path path path startsWith . path path fs readFileSync path pathModule isAbsolute path fs readFileSync path fs readFileSync path path includes .. fs readFileSync path fs readFileSync path path includes .. pathModule isAbsolute path fs readFileSync path fs readFileSync path normalizedPath pathModule normalize path normalizedPath startsWith /home/user/www fs readFileSync normalizedPath fs readFileSync normalizedPath normalizedPath startsWith /home/user/www normalizedPath startsWith /home/user/public fs readFileSync normalizedPath fs readFileSync normalizedPath | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:201:45:201:48 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | calleeAccessPath | path normalize startsWith | | autogenerated/TaintedPath/normalizedPaths.js:202:33:202:48 | '/home/user/www' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member startsWith instanceorreturn | @@ -34224,14 +28612,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:214:35:214:48 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | calleeAccessPath | path normalize startsWith | | autogenerated/TaintedPath/normalizedPaths.js:216:56:216:59 | '..' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member startsWith instanceorreturn | @@ -34256,14 +28636,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | calleeAccessPath | | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | calleeApiName | | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | calleeName | decodeURIComponent | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | enclosingFunctionBody | req res path pathModule normalize req query path pathModule isAbsolute path path startsWith .. fs readFileSync path path decodeURIComponent path pathModule isAbsolute path path startsWith .. fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:219:29:219:32 | path | receiverName | | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | calleeAccessPath | | | autogenerated/TaintedPath/normalizedPaths.js:221:56:221:59 | '..' | calleeAccessPathWithStructuralInfo | | @@ -34304,30 +28676,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:226:35:226:48 | req.query.path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | calleeName | replace | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:226:59:226:64 | /%20/g | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | calleeAccessPath | path normalize replace | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | calleeName | replace | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:226:67:226:69 | ' ' | receiverName | | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:228:21:228:24 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -34344,22 +28692,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | calleeAccessPath | path normalize replace replace | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | calleeName | replace | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:230:25:230:31 | /\\.\\./g | receiverName | path | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | calleeAccessPath | path normalize replace replace | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | calleeName | replace | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | enclosingFunctionBody | req res path pathModule normalize req query path replace /%20/g pathModule isAbsolute path fs readFileSync path path path replace /\\.\\./g fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:230:34:230:35 | '' | receiverName | path | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:231:21:231:24 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -34392,14 +28724,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | calleeName | resolve | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something path substring 0 self dir length self dir fs readFileSync path fs readFileSync path path slice 0 self dir length self dir fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:236:33:236:46 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:238:19:238:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -34496,14 +28820,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | calleeName | resolve | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:254:33:254:46 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -34512,22 +28828,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:256:19:256:22 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:260:38:260:49 | self.webroot | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:260:52:260:55 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | calleeAccessPath | path relative startsWith | | autogenerated/TaintedPath/normalizedPaths.js:261:26:261:46 | ".." + ... ule.sep | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn member startsWith instanceorreturn | @@ -34552,38 +28852,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:264:21:264:24 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:267:38:267:41 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:268:42:268:75 | pathMod ... aceDir) | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:268:63:268:74 | workspaceDir | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:268:78:268:84 | newpath | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | calleeAccessPath | path relative indexOf | | autogenerated/TaintedPath/normalizedPaths.js:269:28:269:48 | '..' + ... ule.sep | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn member indexOf instanceorreturn | @@ -34608,38 +28876,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:272:21:272:27 | newpath | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:275:38:275:41 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:276:42:276:75 | pathMod ... aceDir) | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:276:63:276:74 | workspaceDir | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:276:78:276:84 | newpath | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | calleeAccessPath | path relative indexOf | | autogenerated/TaintedPath/normalizedPaths.js:277:28:277:32 | '../' | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn member indexOf instanceorreturn | @@ -34664,46 +28900,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:280:21:280:27 | newpath | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:283:38:283:41 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:284:42:284:75 | pathMod ... aceDir) | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:284:63:284:74 | workspaceDir | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:284:78:284:84 | newpath | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:285:28:285:39 | relativePath | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | calleeAccessPath | path normalize indexOf | | autogenerated/TaintedPath/normalizedPaths.js:285:50:285:54 | '../' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member indexOf instanceorreturn | @@ -34728,46 +28924,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:288:21:288:27 | newpath | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:291:38:291:41 | path | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:292:42:292:75 | pathMod ... aceDir) | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:292:63:292:74 | workspaceDir | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | calleeAccessPath | path relative | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | calleeAccessPathWithStructuralInfo | path member relative instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | calleeName | relative | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:292:78:292:84 | newpath | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | calleeAccessPath | path normalize | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | calleeName | normalize | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path self something relative pathModule relative self webroot path relative startsWith .. pathModule sep relative .. fs readFileSync path fs readFileSync path newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf .. pathModule sep 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ 0 fs readFileSync newpath fs readFileSync newpath newpath pathModule normalize path relativePath pathModule relative pathModule normalize workspaceDir newpath pathModule normalize relativePath indexOf ../ fs readFileSync newpath fs readFileSync newpath | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:293:28:293:39 | relativePath | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | calleeAccessPath | path normalize indexOf | | autogenerated/TaintedPath/normalizedPaths.js:293:50:293:54 | '../' | calleeAccessPathWithStructuralInfo | path member normalize instanceorreturn member indexOf instanceorreturn | @@ -34880,22 +29036,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:316:19:316:22 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:320:39:320:42 | SAFE | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | enclosingFunctionBody | req res path req query path fs readFileSync path isPathInside path SAFE fs readFileSync path fs readFileSync path pathIsInside path SAFE fs readFileSync path fs readFileSync path normalizedPath pathModule join SAFE path pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath pathIsInside normalizedPath SAFE fs readFileSync normalizedPath fs readFileSync normalizedPath | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:320:45:320:48 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | calleeAccessPath | path-is-inside | | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath | calleeAccessPathWithStructuralInfo | path-is-inside instanceorreturn | @@ -34984,14 +29124,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) | receiverName | | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | calleeName | resolve | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:339:32:339:45 | req.query.path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -35000,14 +29132,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:341:18:341:21 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | calleeName | resolve | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | enclosingFunctionBody | req res path pathModule resolve req query path fs readFileSync path abs pathModule resolve path abs indexOf root 0 fs readFileSync path fs readFileSync path | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:343:31:343:34 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | calleeAccessPath | path resolve indexOf | | autogenerated/TaintedPath/normalizedPaths.js:345:18:345:21 | root | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn member indexOf instanceorreturn | @@ -35056,22 +29180,6 @@ tokenFeatures | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/normalizedPaths.js:356:19:356:22 | path | receiverName | fs | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | argumentIndex | 0 | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:358:37:358:44 | rootPath | receiverName | pathModule | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | calleeAccessPath | path join | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | calleeApiName | path | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | calleeName | join | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | enclosingFunctionBody | req res path req query path fs readFileSync path requestPath pathModule join rootPath path targetPath allowPath requestPath rootPath targetPath rootPath fs readFileSync requestPath targetPath requestPath fs readFileSync requestPath fs readFileSync targetPath allowPath requestPath rootPath requestPath indexOf rootPath 0 | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/normalizedPaths.js:358:47:358:50 | path | receiverName | pathModule | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | argumentIndex | 0 | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | calleeAccessPath | | | autogenerated/TaintedPath/normalizedPaths.js:361:18:361:28 | requestPath | calleeAccessPathWithStructuralInfo | | @@ -35176,22 +29284,6 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/other-fs-libraries.js:8:32:25:1 | functio ... OT OK\\n} | receiverName | http | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:9:24:9:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path gracefulFs readFileSync path fsExtra readFileSync path originalFs readFileSync path getFsModule true readFileSync path getFsModule false readFileSync path require ./my-fs-module require true readFileSync path flexibleModuleName require process electron versions electron original-fs fs flexibleModuleName readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:9:33:9:36 | true | receiverName | url | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:11:19:11:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -35304,22 +29396,6 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/other-fs-libraries.js:37:19:43:1 | functio ... OT OK\\n} | receiverName | http | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:38:24:38:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | enclosingFunctionBody | req res path url parse req url true query path util promisify fs readFileSync path require bluebird promisify fs readFileSync path require bluebird promisifyAll fs readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:38:33:38:36 | true | receiverName | url | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | argumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | calleeAccessPath | util promisify | | autogenerated/TaintedPath/other-fs-libraries.js:40:18:40:32 | fs.readFileSync | calleeAccessPathWithStructuralInfo | util member promisify instanceorreturn | @@ -35400,22 +29476,6 @@ tokenFeatures | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/other-fs-libraries.js:48:19:53:1 | functio ... OT OK\\n} | receiverName | http | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:49:24:49:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | calleeName | parse | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path asyncFS readFileSync path | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/other-fs-libraries.js:49:33:49:36 | true | receiverName | url | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/other-fs-libraries.js:51:19:51:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -35528,22 +29588,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/tainted-access-paths.js:5:32:32:1 | functio ... OT OK\\n} | receiverName | http | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-access-paths.js:6:24:6:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | calleeName | parse | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path obj bla something path fs readFileSync obj sub obj sub safe fs readFileSync obj sub obj sub2 safe random fs readFileSync obj sub2 random obj sub3 safe fs readFileSync obj sub3 obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 fs readFileSync obj sub4 | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-access-paths.js:6:33:6:36 | true | receiverName | url | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-access-paths.js:8:19:8:22 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -35656,22 +29700,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/tainted-array-steps.js:8:32:15:1 | functio ... ENCY]\\n} | receiverName | http | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-array-steps.js:9:24:9:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | calleeName | parse | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync public path join / parts public path parts parts map x x toLowerCase res write fs readFileSync parts join / | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-array-steps.js:9:33:9:36 | true | receiverName | url | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-array-steps.js:10:29:10:54 | ['publi ... in('/') | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -35912,14 +29940,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:18:53:18:57 | "dir" | receiverName | req | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | calleeName | resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:20:30:20:32 | '.' | receiverName | path | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | calleeAccessPath | express get res sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:21:16:21:48 | homeDir ... arams.x | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param res member sendFile instanceorreturn | @@ -35944,22 +29964,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:24:16:24:49 | path.re ... rams.x) | receiverName | res | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | calleeName | resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:24:29:24:34 | 'data' | receiverName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | calleeAccessPath | path resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | calleeAccessPathWithStructuralInfo | path member resolve instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | calleeName | resolve | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:24:37:24:48 | req.params.x | receiverName | path | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | calleeAccessPath | express get res sendfile | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param res member sendfile instanceorreturn | @@ -35968,22 +29972,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:25:16:25:46 | path.jo ... rams.x) | receiverName | res | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | calleeAccessPath | path join | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | calleeName | join | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:25:26:25:31 | 'data' | receiverName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | calleeAccessPath | path join | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | calleeName | join | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:25:34:25:45 | req.params.x | receiverName | path | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | calleeAccessPath | express get res sendFile | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param res member sendFile instanceorreturn | @@ -35992,22 +29980,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | enclosingFunctionName | app.get#functionalargument | | autogenerated/TaintedPath/tainted-sendFile.js:27:16:27:56 | homeDir ... rams.x) | receiverName | res | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | calleeAccessPath | path join | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | calleeName | join | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:27:36:27:41 | 'data' | receiverName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | calleeAccessPath | path join | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | calleeAccessPathWithStructuralInfo | path member join instanceorreturn | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | calleeApiName | path | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | calleeName | join | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | enclosingFunctionBody | req res res sendFile req param gimme res sendfile req param gimme res sendFile req param gimme root process cwd res sendfile req param gimme root process cwd res sendFile req param file root req param dir homeDir path resolve . res sendFile homeDir /data/ req params x res sendfile data/ req params x res sendFile path resolve data req params x res sendfile path join data req params x res sendFile homeDir path join data req params x | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | enclosingFunctionName | app.get#functionalargument | -| autogenerated/TaintedPath/tainted-sendFile.js:27:44:27:55 | req.params.x | receiverName | path | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | calleeAccessPath | | | autogenerated/TaintedPath/tainted-string-steps.js:1:18:1:21 | 'fs' | calleeAccessPathWithStructuralInfo | | @@ -36040,22 +30012,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/tainted-string-steps.js:5:32:29:1 | functio ... ENCY]\\n} | receiverName | http | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:6:24:6:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | calleeName | parse | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:6:33:6:36 | true | receiverName | url | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:7:18:7:37 | path.substring(i, j) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -36160,14 +30116,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:13:18:13:37 | path.concat(unknown) | receiverName | fs | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | calleeAccessPath | url parse query path concat | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn member query member path member concat instanceorreturn | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | calleeApiName | url | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | calleeName | concat | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:13:30:13:36 | unknown | receiverName | path | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -36176,14 +30124,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:14:18:14:37 | unknown.concat(path) | receiverName | fs | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | calleeAccessPath | | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | calleeApiName | | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | calleeName | concat | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:14:33:14:36 | path | receiverName | unknown | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -36192,22 +30132,6 @@ tokenFeatures | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | enclosingFunctionName | http.createServer#functionalargument | | autogenerated/TaintedPath/tainted-string-steps.js:15:18:15:46 | unknown ... , path) | receiverName | fs | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | argumentIndex | 0 | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | calleeAccessPath | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | calleeApiName | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | calleeName | concat | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:15:33:15:39 | unknown | receiverName | unknown | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | argumentIndex | 1 | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | calleeAccessPath | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | calleeAccessPathWithStructuralInfo | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | calleeApiName | | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | calleeName | concat | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | enclosingFunctionBody | req res path url parse req url true query path fs readFileSync path substring i j fs readFileSync path substring 4 fs readFileSync path substring 0 i fs readFileSync path substr 4 fs readFileSync path slice 4 fs readFileSync path concat unknown fs readFileSync unknown concat path fs readFileSync unknown concat unknown path fs readFileSync path trim fs readFileSync path toLowerCase fs readFileSync path split / fs readFileSync path 0 split / 0 fs readFileSync path split / i fs readFileSync path split /\\// i fs readFileSync path 0 split ? 0 fs readFileSync path split unknown i fs readFileSync path split unknown whatever fs readFileSync path split unknown fs readFileSync path split ? i | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/tainted-string-steps.js:15:42:15:45 | path | receiverName | unknown | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | argumentIndex | 0 | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/tainted-string-steps.js:17:18:17:28 | path.trim() | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -36456,22 +30380,6 @@ tokenFeatures | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | enclosingFunctionBody | | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | enclosingFunctionName | | | autogenerated/TaintedPath/typescript.ts:8:32:34:1 | functio ... nted\\n\\n} | receiverName | http | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | argumentIndex | 0 | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | calleeAccessPath | url parse | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | calleeApiName | url | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | calleeName | parse | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/typescript.ts:9:24:9:30 | req.url | receiverName | url | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | argumentIndex | 1 | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | calleeAccessPath | url parse | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | calleeApiName | url | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | calleeName | parse | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | enclosingFunctionBody | req res path url parse req url true query path res write fs readFileSync path path foo.txt res write fs readFileSync path path2 path path2 res write fs readFileSync path2 path3 path path3 res write fs readFileSync path3 path4 path path4 res write fs readFileSync path4 path5 path path5 clean res write fs readFileSync path5 path6 path path6 clean res write fs readFileSync path6 | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | enclosingFunctionName | http.createServer#functionalargument | -| autogenerated/TaintedPath/typescript.ts:9:33:9:36 | true | receiverName | url | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | argumentIndex | 0 | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | calleeAccessPath | fs readFileSync | | autogenerated/TaintedPath/typescript.ts:12:29:12:32 | path | calleeAccessPathWithStructuralInfo | fs member readFileSync instanceorreturn | @@ -36864,14 +30772,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | calleeAccessPath | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | calleeAccessPathWithStructuralInfo | classnames instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | calleeName | classNames | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:7:58:7:68 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:7:71:7:83 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -36904,14 +30804,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | calleeAccessPath | classnames/dedupe | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | calleeAccessPathWithStructuralInfo | classnames/dedupe instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | calleeApiName | classnames/dedupe | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | calleeName | classNamesD | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:8:59:8:69 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:8:72:8:84 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -36944,14 +30836,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | calleeAccessPath | classnames/bind | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | calleeAccessPathWithStructuralInfo | classnames/bind instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | calleeApiName | classnames/bind | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | calleeName | classNamesB | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:9:59:9:69 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -36960,14 +30844,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:9:72:9:84 | ">Hello | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | calleeAccessPath | classnames bind | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | calleeAccessPathWithStructuralInfo | classnames member bind instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | calleeName | bind | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:10:39:10:56 | {foo: window.name} | receiverName | classNames | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name | calleeAccessPathWithStructuralInfo | | @@ -37000,14 +30876,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | calleeAccessPath | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | calleeAccessPathWithStructuralInfo | classnames instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | calleeName | unsafeStyle | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:11:59:11:63 | 'foo' | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -37016,14 +30884,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:11:66:11:78 | ">Hello | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | calleeAccessPath | classnames bind | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | calleeAccessPathWithStructuralInfo | classnames member bind instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | calleeName | bind | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:12:37:12:38 | {} | receiverName | classNames | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:13:31:13:83 | `` | calleeAccessPathWithStructuralInfo | | @@ -37048,14 +30908,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | calleeAccessPath | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | calleeAccessPathWithStructuralInfo | classnames instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | calleeName | safeStyle | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:13:57:13:67 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:13:70:13:82 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -37088,14 +30940,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:14:47:14:62 | safeStyle('foo') | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | calleeAccessPath | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | calleeAccessPathWithStructuralInfo | classnames instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | calleeApiName | classnames | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | calleeName | safeStyle | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:14:57:14:61 | 'foo' | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:14:64:14:76 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -37128,14 +30972,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) | receiverName | | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | calleeAccessPath | clsx | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | calleeAccessPathWithStructuralInfo | clsx instanceorreturn | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | calleeApiName | clsx | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | calleeName | clsx | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | enclosingFunctionBody | document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello unsafeStyle classNames bind foo window name document body innerHTML Hello safeStyle classNames bind document body innerHTML Hello document body innerHTML Hello document body innerHTML Hello | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/classnames.js:15:52:15:62 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | argumentIndex | | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/classnames.js:15:65:15:77 | ">Hello | calleeAccessPathWithStructuralInfo | | @@ -37264,14 +31100,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | enclosingFunctionBody | selection selection attr foo bar html getTaint | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | enclosingFunctionName | otherFunction | | autogenerated/Xss/DomBasedXss/d3.js:21:15:21:24 | getTaint() | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | calleeApiName | | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | calleeName | decodeURIComponent | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:9:36:9:68 | window. ... ring(1) | receiverName | | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/dates.js:9:67:9:67 | 1 | calleeAccessPathWithStructuralInfo | | @@ -37288,22 +31116,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:11:31:11:70 | `Time i ... aint)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | calleeAccessPath | date-fns format | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | calleeAccessPathWithStructuralInfo | date-fns member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | calleeApiName | date-fns | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:11:57:11:60 | time | receiverName | dateFns | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | calleeAccessPath | date-fns format | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | calleeAccessPathWithStructuralInfo | date-fns member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | calleeApiName | date-fns | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:11:63:11:67 | taint | receiverName | dateFns | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | argumentIndex | | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | calleeAccessPathWithStructuralInfo | | @@ -37312,22 +31124,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:12:31:12:73 | `Time i ... aint)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | calleeAccessPath | date-fns/esm format | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | calleeAccessPathWithStructuralInfo | date-fns/esm member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | calleeApiName | date-fns/esm | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:12:60:12:63 | time | receiverName | dateFnsEsm | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | calleeAccessPath | date-fns/esm format | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | calleeAccessPathWithStructuralInfo | date-fns/esm member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | calleeApiName | date-fns/esm | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:12:66:12:70 | taint | receiverName | dateFnsEsm | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | argumentIndex | | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | calleeAccessPathWithStructuralInfo | | @@ -37336,14 +31132,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:13:31:13:72 | `Time i ... time)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | calleeAccessPath | date-fns/fp format | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | calleeAccessPathWithStructuralInfo | date-fns/fp member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | calleeApiName | date-fns/fp | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:13:59:13:63 | taint | receiverName | dateFnsFp | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | calleeAccessPath | date-fns/fp format | | autogenerated/Xss/DomBasedXss/dates.js:13:66:13:69 | time | calleeAccessPathWithStructuralInfo | date-fns/fp member format instanceorreturn instanceorreturn | @@ -37360,22 +31148,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:14:31:14:70 | `Time i ... time)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | calleeAccessPath | date-fns format | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | calleeAccessPathWithStructuralInfo | date-fns member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | calleeApiName | date-fns | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:14:57:14:61 | taint | receiverName | dateFns | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | calleeAccessPath | date-fns format | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | calleeAccessPathWithStructuralInfo | date-fns member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | calleeApiName | date-fns | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:14:64:14:67 | time | receiverName | dateFns | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | argumentIndex | | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | calleeAccessPathWithStructuralInfo | | @@ -37384,14 +31156,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:15:31:15:72 | `Time i ... aint)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | calleeAccessPath | date-fns/fp format | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | calleeAccessPathWithStructuralInfo | date-fns/fp member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | calleeApiName | date-fns/fp | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:15:59:15:62 | time | receiverName | dateFnsFp | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | calleeAccessPath | date-fns/fp format | | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint | calleeAccessPathWithStructuralInfo | date-fns/fp member format instanceorreturn instanceorreturn | @@ -37416,14 +31180,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:16:49:16:52 | time | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | calleeAccessPath | moment format | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | calleeAccessPathWithStructuralInfo | moment instanceorreturn member format instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | calleeApiName | moment | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | calleeName | format | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:16:62:16:66 | taint | receiverName | | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | argumentIndex | | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/dates.js:17:31:17:65 | `Time i ... mat()}` | calleeAccessPathWithStructuralInfo | | @@ -37448,22 +31204,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | enclosingFunctionName | main | | autogenerated/Xss/DomBasedXss/dates.js:18:31:18:66 | `Time i ... aint)}` | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | calleeAccessPath | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | calleeAccessPathWithStructuralInfo | dateformat instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | calleeApiName | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | calleeName | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:18:53:18:56 | time | receiverName | | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | calleeAccessPath | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | calleeAccessPathWithStructuralInfo | dateformat instanceorreturn | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | calleeApiName | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | calleeName | dateformat | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | enclosingFunctionBody | time Date taint decodeURIComponent window location hash substring 1 document body innerHTML Time is dateFns format time taint document body innerHTML Time is dateFnsEsm format time taint document body innerHTML Time is dateFnsFp format taint time document body innerHTML Time is dateFns format taint time document body innerHTML Time is dateFnsFp format time taint document body innerHTML Time is moment time format taint document body innerHTML Time is moment taint format document body innerHTML Time is dateformat time taint | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | enclosingFunctionName | main | -| autogenerated/Xss/DomBasedXss/dates.js:18:59:18:63 | taint | receiverName | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:5:3:15 | 'click | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | encodeU ... nt(loc) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:19:3:41 | encodeU ... nt(loc) | receiverName | | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | calleeApiName | | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | calleeName | encodeURIComponent | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | enclosingFunctionBody | loc window location href $ click | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/encodeuri.js:3:38:3:40 | loc | receiverName | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | argumentIndex | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/encodeuri.js:3:45:3:57 | '">click' | calleeAccessPathWithStructuralInfo | | @@ -37728,14 +31460,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:14:19:14:58 | decodeU ... n.hash) | receiverName | | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | calleeApiName | | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | calleeName | decodeURIComponent | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/jquery.js:14:38:14:57 | window.location.hash | receiverName | | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | argumentIndex | | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | calleeAccessPathWithStructuralInfo | | @@ -37744,14 +31468,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:15:19:15:60 | decodeU ... search) | receiverName | | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | calleeApiName | | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | calleeName | decodeURIComponent | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/jquery.js:15:38:15:59 | window. ... .search | receiverName | | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | argumentIndex | | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | calleeAccessPathWithStructuralInfo | | @@ -37760,14 +31476,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/jquery.js:16:19:16:64 | decodeU ... ring()) | receiverName | | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | calleeApiName | | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | calleeName | decodeURIComponent | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | enclosingFunctionBody | tainted document location search $ tainted $ body tainted $ . tainted $
$ body html XSS: tainted $ window location hash $ location toString elm document getElementById x elm innerHTML decodeURIComponent window location hash elm innerHTML decodeURIComponent window location search elm innerHTML decodeURIComponent window location toString | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/jquery.js:16:38:16:63 | window. ... tring() | receiverName | | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/jwt-server.js:1:23:1:31 | 'express' | calleeAccessPathWithStructuralInfo | | @@ -37800,30 +31508,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/DomBasedXss/jwt-server.js:7:27:7:34 | "wobble" | receiverName | req | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | calleeAccessPath | jsonwebtoken verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | calleeAccessPathWithStructuralInfo | jsonwebtoken member verify instanceorreturn | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | calleeApiName | jsonwebtoken | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | calleeName | verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:16:9:20 | taint | receiverName | jwt | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | calleeAccessPath | jsonwebtoken verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | calleeAccessPathWithStructuralInfo | jsonwebtoken member verify instanceorreturn | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | calleeApiName | jsonwebtoken | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | calleeName | verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:23:9:37 | 'my-secret-key' | receiverName | jwt | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | argumentIndex | 2 | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | calleeAccessPath | jsonwebtoken verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | calleeAccessPathWithStructuralInfo | jsonwebtoken member verify instanceorreturn | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | calleeApiName | jsonwebtoken | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | calleeName | verify | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | enclosingFunctionBody | req res taint req param wobble jwt verify taint my-secret-key err decoded JSDOM decoded foo runScripts dangerously | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/DomBasedXss/jwt-server.js:9:40:12:5 | functio ... ;\\n } | receiverName | jwt | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | argumentIndex | | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/jwt-server.js:11:19:11:29 | decoded.foo | calleeAccessPathWithStructuralInfo | | @@ -37864,14 +31548,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | enclosingFunctionBody | | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/jwt.js:4:35:7:1 | (data, ... ENCY]\\n} | receiverName | $ | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | calleeAccessPath | jwt-decode | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | calleeAccessPathWithStructuralInfo | jwt-decode instanceorreturn | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | calleeApiName | jwt-decode | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | calleeName | jwt_decode | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | enclosingFunctionBody | data xhr decoded jwt_decode data $ jGrowl decoded | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | enclosingFunctionName | $.post#functionalargument | -| autogenerated/Xss/DomBasedXss/jwt.js:5:30:5:33 | data | receiverName | | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | calleeAccessPath | jquery jGrowl | | autogenerated/Xss/DomBasedXss/jwt.js:6:14:6:20 | decoded | calleeAccessPathWithStructuralInfo | jquery member jGrowl instanceorreturn | @@ -38184,14 +31860,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | enclosingFunctionBody | target document location search sanitizeBad x x tainted2 target $ myId html tainted2 sanitize tainted2 sanitizeBad tainted2 $ myId html tainted2 tainted3 target $ myId html tainted3 sanitize tainted3 sanitizeBad tainted3 $ myId html tainted3 $ myId html sanitize sanitizeBad target target | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | enclosingFunctionName | badSanitizer | | autogenerated/Xss/DomBasedXss/optionalSanitizer.js:45:41:45:46 | target | receiverName | | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | calleeAccessPath | react createContext | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | calleeAccessPathWithStructuralInfo | react member createContext instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | calleeName | createContext | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | enclosingFunctionBody | | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | enclosingFunctionName | | -| autogenerated/Xss/DomBasedXss/react-create-context.js:3:38:3:49 | {root: null} | receiverName | | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-create-context.js:3:45:3:48 | null | calleeAccessPathWithStructuralInfo | | @@ -38264,14 +31932,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | enclosingFunctionBody | root context root appendChild window name | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | enclosingFunctionName | foo | | autogenerated/Xss/DomBasedXss/react-use-context.js:16:26:16:36 | window.name | receiverName | root | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | calleeName | useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | enclosingFunctionName | initialState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:4:38:4:48 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:42:5:56 | {__html: state} | calleeAccessPathWithStructuralInfo | | @@ -38288,22 +31948,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | enclosingFunctionBody | state setState useState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | enclosingFunctionName | initialState | | autogenerated/Xss/DomBasedXss/react-use-state.js:5:51:5:55 | state | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | calleeName | useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | enclosingFunctionName | setStateValue | -| autogenerated/Xss/DomBasedXss/react-use-state.js:9:38:9:42 | 'foo' | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | enclosingFunctionName | setStateValue | -| autogenerated/Xss/DomBasedXss/react-use-state.js:10:14:10:24 | window.name | receiverName | | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:42:11:56 | {__html: state} | calleeAccessPathWithStructuralInfo | | @@ -38320,22 +31964,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | enclosingFunctionName | setStateValue | | autogenerated/Xss/DomBasedXss/react-use-state.js:11:51:11:55 | state | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | calleeName | useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | enclosingFunctionName | setStateValueLazy | -| autogenerated/Xss/DomBasedXss/react-use-state.js:15:38:15:42 | 'foo' | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | enclosingFunctionName | setStateValueLazy | -| autogenerated/Xss/DomBasedXss/react-use-state.js:16:14:16:30 | () => window.name | receiverName | | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:42:17:56 | {__html: state} | calleeAccessPathWithStructuralInfo | | @@ -38352,22 +31980,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | enclosingFunctionBody | state setState useState foo setState window name div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:17:51:17:55 | state | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | calleeName | useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | enclosingFunctionName | setStateValueLazy | -| autogenerated/Xss/DomBasedXss/react-use-state.js:21:38:21:42 | 'foo' | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | enclosingFunctionName | setStateValueLazy | -| autogenerated/Xss/DomBasedXss/react-use-state.js:22:14:24:5 | prev => ... K\\n } | receiverName | | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | calleeAccessPathWithStructuralInfo | | @@ -38376,38 +31988,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | enclosingFunctionName | setStateValueLazy | | autogenerated/Xss/DomBasedXss/react-use-state.js:23:35:23:38 | prev | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | enclosingFunctionBody | state setState useState foo setState prev document body innerHTML prev setState window name | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | enclosingFunctionName | setStateValueLazy | -| autogenerated/Xss/DomBasedXss/react-use-state.js:25:14:25:30 | () => window.name | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | calleeName | useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | enclosingFunctionName | setStateValueSafe | -| autogenerated/Xss/DomBasedXss/react-use-state.js:29:38:29:42 | 'foo' | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | enclosingFunctionName | setStateValueSafe | -| autogenerated/Xss/DomBasedXss/react-use-state.js:30:14:30:19 | 'safe' | receiverName | | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | calleeAccessPath | react useState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | calleeAccessPathWithStructuralInfo | react member useState instanceorreturn member instanceorreturn | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | calleeApiName | react | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | calleeName | setState | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | enclosingFunctionName | setStateValueSafe | -| autogenerated/Xss/DomBasedXss/react-use-state.js:31:14:31:30 | () => 'also safe' | receiverName | | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | argumentIndex | | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:42:32:56 | {__html: state} | calleeAccessPathWithStructuralInfo | | @@ -38424,86 +32004,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | enclosingFunctionBody | state setState useState foo setState safe setState also safe div dangerouslySetInnerHTML __html state | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | enclosingFunctionName | setStateValueSafe | | autogenerated/Xss/DomBasedXss/react-use-state.js:32:51:32:55 | state | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | calleeAccessPath | express get req query data toString replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:18:4:20 | amp | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | calleeAccessPath | express get req query data toString replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:4:23:4:29 | '&' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | calleeAccessPath | express get req query data toString replace replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:18:5:19 | lt | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | calleeAccessPath | express get req query data toString replace replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:5:22:5:27 | '<' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | calleeAccessPath | express get req query data toString replace replace replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:18:6:19 | gt | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | calleeAccessPath | express get req query data toString replace replace replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get functionalarg param req member query member data member toString instanceorreturn member replace instanceorreturn member replace instanceorreturn member replace instanceorreturn | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | calleeApiName | express | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | enclosingFunctionBody | s amp /&/g lt //g s toString replace amp & replace lt < replace gt > | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | enclosingFunctionName | escapeHtml | -| autogenerated/Xss/DomBasedXss/sanitiser.js:6:22:6:27 | '>' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | enclosingFunctionName | escapeAttr | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:19:11:22 | /'/g | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | enclosingFunctionName | escapeAttr | -| autogenerated/Xss/DomBasedXss/sanitiser.js:11:25:11:29 | '%22' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | enclosingFunctionName | escapeAttr | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:19:12:22 | /"/g | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | enclosingFunctionBody | s s toString replace /'/g %22 replace /"/g %27 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | enclosingFunctionName | escapeAttr | -| autogenerated/Xss/DomBasedXss/sanitiser.js:12:25:12:29 | '%27' | receiverName | | | autogenerated/Xss/DomBasedXss/sanitiser.js:18:19:18:30 | "' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:39:35:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:35:39:35:44 | '' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | calleeName | exec | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/sanitiser.js:37:18:37:24 | tainted | receiverName | regex | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | argumentIndex | | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/sanitiser.js:38:21:38:25 | '' | calleeAccessPathWithStructuralInfo | | @@ -38872,14 +32364,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:40:39:40:44 | '' | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | calleeName | exec | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/sanitiser.js:42:18:42:24 | tainted | receiverName | regex | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | argumentIndex | | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/sanitiser.js:43:21:43:25 | '' | calleeAccessPathWithStructuralInfo | | @@ -38952,22 +32436,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/sanitiser.js:48:19:48:46 | tainted ... /g, '') | receiverName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:35:48:41 | /<\\w+/g | receiverName | tainted | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | enclosingFunctionBody | tainted window name elt document createElement elt innerHTML escapeHtml tainted elt innerHTML
escapeAttr tainted
regex /[<>'"&]/ regex test tainted elt innerHTML tainted elt innerHTML tainted regex test tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted regex exec tainted null elt innerHTML tainted elt innerHTML tainted elt innerHTML tainted replace /<\\w+/g | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/sanitiser.js:48:44:48:45 | '' | receiverName | tainted | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/stored-xss.js:2:28:2:36 | 'session' | calleeAccessPathWithStructuralInfo | | @@ -39480,22 +32948,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | enclosingFunctionBody | | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/tst3.js:1:35:1:39 | "foo" | receiverName | document | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | calleeName | parse | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | enclosingFunctionBody | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | enclosingFunctionName | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:23:2:74 | decodeU ... str(1)) | receiverName | JSON | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | calleeName | decodeURIComponent | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | enclosingFunctionBody | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | enclosingFunctionName | | -| autogenerated/Xss/DomBasedXss/tst3.js:2:42:2:73 | window. ... bstr(1) | receiverName | | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/tst3.js:2:72:2:72 | 1 | calleeAccessPathWithStructuralInfo | | @@ -40288,14 +33740,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | enclosingFunctionName | tst | | autogenerated/Xss/DomBasedXss/tst.js:114:20:114:20 | v | receiverName | document | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | calleeName | exec | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | enclosingFunctionBody | v document location search substr 1 document write v /^\\d+$/ test v document write v m /^\\d+$/ exec v document write v v match /^\\d+$/ document write v v match ^\\d+$ document write v /\\d+/ test v document write v /^\\d+$/ test v document write v | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | enclosingFunctionName | tst | -| autogenerated/Xss/DomBasedXss/tst.js:117:25:117:25 | v | receiverName | | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/tst.js:119:20:119:20 | v | calleeAccessPathWithStructuralInfo | | @@ -41552,22 +34996,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | enclosingFunctionName | nonGlobalSanitizer | | autogenerated/Xss/DomBasedXss/tst.js:430:18:430:89 | target. ... data>') | receiverName | | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | calleeName | replace | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | enclosingFunctionName | nonGlobalSanitizer | -| autogenerated/Xss/DomBasedXss/tst.js:430:33:430:63 | // | receiverName | target | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | enclosingFunctionName | nonGlobalSanitizer | -| autogenerated/Xss/DomBasedXss/tst.js:430:66:430:88 | '' | receiverName | target | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/tst.js:432:5:432:10 | "#foo" | calleeAccessPathWithStructuralInfo | | @@ -41584,22 +35012,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | enclosingFunctionName | nonGlobalSanitizer | | autogenerated/Xss/DomBasedXss/tst.js:432:18:432:43 | target. ... /g, '') | receiverName | | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | calleeName | replace | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | enclosingFunctionName | nonGlobalSanitizer | -| autogenerated/Xss/DomBasedXss/tst.js:432:33:432:38 | /<\|>/g | receiverName | target | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | argumentIndex | 1 | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | calleeName | replace | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | enclosingFunctionBody | target document location search $ #foo html target replace /[\\s\\S]*<\\/metadata>/ $ #foo html target replace /<\|>/g | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | enclosingFunctionName | nonGlobalSanitizer | -| autogenerated/Xss/DomBasedXss/tst.js:432:41:432:42 | '' | receiverName | target | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | argumentIndex | | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/typeahead.js:2:38:4:3 | {\\n p ... Url\\n } | calleeAccessPathWithStructuralInfo | | @@ -41712,14 +35124,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | enclosingFunctionName | | | autogenerated/Xss/DomBasedXss/typeahead.js:19:15:22:7 | functio ... } | receiverName | | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | calleeApiName | | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | calleeName | cb | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | enclosingFunctionBody | autocompleter Bloodhound prefetch remoteUrl autocompleter initialize $ .typeahead typeahead source autocompleter ttAdapter templates suggestion loc loc $ .typeahead typeahead name dashboards source query cb target document location search cb target templates suggestion val val | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | enclosingFunctionName | | -| autogenerated/Xss/DomBasedXss/typeahead.js:21:12:21:17 | target | receiverName | | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | argumentIndex | | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/typeahead.js:23:18:27:7 | {\\n ... } | calleeAccessPathWithStructuralInfo | | @@ -41832,14 +35236,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:19:6:25 | tainted | receiverName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | calleeApiName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | calleeName | concat | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:6:35:6:42 | "
" | receiverName | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:4:7:38 | ["
... .join() | calleeAccessPathWithStructuralInfo | | @@ -41960,14 +35356,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:24:11:30 | tainted | receiverName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | calleeApiName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | calleeName | concat | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:11:40:11:43 | "/>" | receiverName | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:4:12:41 | ["
' | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:71 | '">' | receiverName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | calleeApiName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | calleeName | concat | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:68:18:87 | '">'.concat(content) | receiverName | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | calleeAccessPathWithStructuralInfo | | @@ -42080,14 +35460,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | enclosingFunctionName | test | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:80:18:86 | content | receiverName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | calleeApiName | | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | calleeName | concat | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | enclosingFunctionBody | tainted document location search $
tainted
$
tainted
$
concat tainted concat
$
tainted
join $
$
$
join indirection1 attrs
content
indirection2 attrs
concat content concat
$ indirection1 document location search attrs $ indirection2 document location search attrs | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | enclosingFunctionName | test | -| autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:18:97:18:104 | '
' | receiverName | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:20:4:20:47 | indirec ... .attrs) | calleeAccessPathWithStructuralInfo | | @@ -42168,14 +35540,6 @@ tokenFeatures | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | enclosingFunctionName | ready#functionalargument | | autogenerated/Xss/DomBasedXss/xmlRequest.js:5:42:5:59 | "application/json" | receiverName | xhr | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | argumentIndex | 0 | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | calleeAccessPath | | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | calleeApiName | | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | calleeName | parse | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | enclosingFunctionBody | xhr XMLHttpRequest url {{ some_url }} xhr open GET url true xhr setRequestHeader Content-Type application/json xhr onreadystatechange xhr readyState 4 json JSON parse xhr responseText $ #myThing html json message xhr send error console log error | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | enclosingFunctionName | ready#functionalargument | -| autogenerated/Xss/DomBasedXss/xmlRequest.js:8:31:8:46 | xhr.responseText | receiverName | JSON | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | argumentIndex | 0 | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | calleeAccessPath | | | autogenerated/Xss/DomBasedXss/xmlRequest.js:9:11:9:20 | "#myThing" | calleeAccessPathWithStructuralInfo | | @@ -43008,14 +36372,6 @@ tokenFeatures | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | enclosingFunctionName | | | autogenerated/Xss/ExceptionXss/exception-xss.js:206:9:206:11 | foo | receiverName | $ | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | argumentIndex | 0 | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | calleeAccessPath | | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | calleeApiName | | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | calleeName | parse | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | enclosingFunctionBody | foo document location search Object assign foo foo _ pick foo foo foo foo join join $ val foo JSON parse foo /bla/ test foo console log foo log info foo localStorage setItem foo e $ myId html e | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | enclosingFunctionName | | -| autogenerated/Xss/ExceptionXss/exception-xss.js:207:14:207:16 | foo | receiverName | JSON | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | argumentIndex | 0 | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | calleeAccessPath | | | autogenerated/Xss/ExceptionXss/exception-xss.js:208:14:208:16 | foo | calleeAccessPathWithStructuralInfo | | @@ -43136,14 +36492,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:28:22:35:1 | functio ... OT OK\\n} | receiverName | app | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | calleeAccessPath | markdown-table | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | calleeAccessPathWithStructuralInfo | markdown-table instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | calleeApiName | markdown-table | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | calleeName | table | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | enclosingFunctionBody | req res res send req body mytable table Name Content body req body res send mytable | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:30:23:33:3 | [\\n [ ... dy]\\n ] | receiverName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | argumentIndex | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | calleeAccessPath | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:31:5:31:23 | ['Name', 'Content'] | calleeAccessPathWithStructuralInfo | | @@ -43216,14 +36564,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:40:22:43:1 | functio ... OT OK\\n} | receiverName | app | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | calleeAccessPath | showdown Converter makeHtml | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | calleeAccessPathWithStructuralInfo | showdown member Converter instanceorreturn member makeHtml instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | calleeApiName | showdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | calleeName | makeHtml | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | enclosingFunctionBody | req res res send req body res send converter makeHtml req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:42:31:42:38 | req.body | receiverName | converter | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | calleeAccessPath | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:45:23:45:31 | 'unified' | calleeAccessPathWithStructuralInfo | | @@ -43376,30 +36716,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:63:10:63:13 | html | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | calleeAccessPath | unified use use use use use process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | calleeAccessPathWithStructuralInfo | unified instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member process instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | calleeApiName | unified | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | calleeName | process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:14:64:21 | req.body | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | argumentIndex | 1 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | calleeAccessPath | unified use use use use use process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | calleeAccessPathWithStructuralInfo | unified instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member use instanceorreturn member process instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | calleeApiName | unified | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | calleeName | process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:64:24:66:5 | functio ... K\\n } | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | calleeAccessPath | remark processSync | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | calleeAccessPathWithStructuralInfo | remark instanceorreturn member processSync instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | calleeApiName | remark | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | calleeName | processSync | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:68:33:68:40 | req.body | receiverName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | calleeAccessPath | remark use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:25:70:32 | sanitize | calleeAccessPathWithStructuralInfo | remark instanceorreturn member use instanceorreturn | @@ -43424,30 +36740,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:26:72:33 | markdown | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | calleeAccessPath | unified use processSync | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | calleeAccessPathWithStructuralInfo | unified instanceorreturn member use instanceorreturn member processSync instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | calleeApiName | unified | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | calleeName | processSync | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:72:48:72:55 | req.body | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | calleeAccessPath | remark process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | calleeAccessPathWithStructuralInfo | remark instanceorreturn member process instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | calleeApiName | remark | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | calleeName | process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:20:74:27 | req.body | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | argumentIndex | 1 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | calleeAccessPath | remark process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | calleeAccessPathWithStructuralInfo | remark instanceorreturn member process instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | calleeApiName | remark | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | calleeName | process | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | enclosingFunctionBody | req res res send req body unified use markdown use remark2rehype use doc title \ud83d\udc4b\ud83c\udf0d use format use html process req body err file res send file res send remark processSync req body toString res send remark use sanitize processSync req body toString res send unified use markdown processSync req body toString remark process req body e f res send f | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:74:30:76:3 | (e, f) ... OK\\n } | receiverName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | calleeAccessPath | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:80:26:80:36 | "snarkdown" | calleeAccessPathWithStructuralInfo | | @@ -43472,22 +36764,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:82:22:86:1 | functio ... OT OK\\n} | receiverName | app | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | calleeAccessPath | snarkdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | calleeAccessPathWithStructuralInfo | snarkdown instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | calleeApiName | snarkdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | calleeName | snarkdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:84:22:84:29 | req.body | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | calleeAccessPath | snarkdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | calleeAccessPathWithStructuralInfo | snarkdown instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | calleeApiName | snarkdown | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | calleeName | snarkdown2 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | enclosingFunctionBody | req res res send req body res send snarkdown req body res send snarkdown2 req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:85:23:85:30 | req.body | receiverName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | calleeAccessPath | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:88:28:88:40 | 'markdown-it' | calleeAccessPathWithStructuralInfo | | @@ -43584,14 +36860,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:96:22:104:1 | functio ... OT OK\\n} | receiverName | app | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | calleeAccessPath | markdown-it render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member render instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | calleeApiName | markdown-it | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | calleeName | render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:98:30:98:37 | req.body | receiverName | markdownIt | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | calleeAccessPath | markdown-it render | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member render instanceorreturn | @@ -43600,14 +36868,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body | receiverName | markdownIt2 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | calleeAccessPath | markdown-it use render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member use instanceorreturn member render instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | calleeApiName | markdown-it | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | calleeName | render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:100:31:100:38 | req.body | receiverName | markdownIt3 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | calleeAccessPath | markdown-it use | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:27:102:58 | require ... tizer') | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member use instanceorreturn | @@ -43656,14 +36916,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | enclosingFunctionName | app.get#functionalargument | | autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:60:103:66 | unknown | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | calleeAccessPath | markdown-it use use render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member use instanceorreturn member use instanceorreturn member render instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | calleeApiName | markdown-it | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | calleeName | render | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | enclosingFunctionBody | req res res send req body res send markdownIt render req body res send markdownIt2 render req body res send markdownIt3 render req body res send markdownIt use require markdown-it-sanitizer render req body res send markdownIt use require markdown-it-abbr use unknown render req body | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | enclosingFunctionName | app.get#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXss.js:103:76:103:83 | req.body | receiverName | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | calleeAccessPath | | | autogenerated/Xss/ReflectedXss/ReflectedXssContentTypes.js:1:23:1:31 | 'express' | calleeAccessPathWithStructuralInfo | | @@ -44000,22 +37252,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:3:30:6:1 | functio ... name)\\n} | receiverName | | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | calleeAccessPath | url parse | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | calleeApiName | url | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | calleeName | parse | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | enclosingFunctionName | createServer#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:26:4:32 | req.url | receiverName | url | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | argumentIndex | 1 | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | calleeAccessPath | url parse | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | calleeAccessPathWithStructuralInfo | url member parse instanceorreturn | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | calleeApiName | url | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | calleeName | parse | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | enclosingFunctionBody | req resp target url parse req url true sendTextResponse resp target pathname | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | enclosingFunctionName | createServer#functionalargument | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:4:35:4:38 | true | receiverName | url | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | calleeAccessPath | http createServer resp writeHead | | autogenerated/Xss/ReflectedXss/ReflectedXssGood2.js:9:18:9:20 | 200 | calleeAccessPathWithStructuralInfo | http member createServer functionalarg param resp member writeHead instanceorreturn | @@ -44432,14 +37668,6 @@ tokenFeatures | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | enclosingFunctionBody | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | enclosingFunctionName | | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:66:22:70:1 | functio ... // OK\\n} | receiverName | app | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | argumentIndex | 0 | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | calleeAccessPath | | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | calleeApiName | | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | calleeName | exec | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | enclosingFunctionBody | string str string match matchHtmlRegExp exec str match str | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | enclosingFunctionName | escapeHtml2 | -| autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:75:40:75:42 | str | receiverName | matchHtmlRegExp | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | argumentIndex | 0 | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | calleeAccessPath | express get | | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:82:9:82:19 | '/user/:id' | calleeAccessPathWithStructuralInfo | express instanceorreturn member get instanceorreturn | @@ -45272,14 +38500,6 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | enclosingFunctionName | xssThroughMarkdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:18:22:35 | markdown.render(s) | receiverName | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | argumentIndex | 0 | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | calleeAccessPath | markdown-it render | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | calleeAccessPathWithStructuralInfo | markdown-it instanceorreturn member render instanceorreturn | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | calleeApiName | markdown-it | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | calleeName | render | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | enclosingFunctionBody | s html markdown render s document querySelector #markdown innerHTML html | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | enclosingFunctionName | xssThroughMarkdown | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:22:34:22:34 | s | receiverName | markdown | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | argumentIndex | 0 | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | calleeAccessPath | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:23:28:23:38 | "#markdown" | calleeAccessPathWithStructuralInfo | | @@ -45560,22 +38780,6 @@ tokenFeatures | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | enclosingFunctionName | guards | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:63:68:89 | attrVal ... /g, "") | receiverName | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | argumentIndex | 0 | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | calleeAccessPath | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | calleeApiName | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | calleeName | replace | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | enclosingFunctionName | guards | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:79:68:84 | /"\|'/g | receiverName | attrVal | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | argumentIndex | 1 | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | calleeAccessPath | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | calleeApiName | | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | calleeName | replace | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | enclosingFunctionBody | attrVal document querySelector #id innerHTML attrVal document querySelector #id innerHTML attrVal replace / attrVal indexOf " 1 attrVal indexOf ' 1 document querySelector #id innerHTML attrVal | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | enclosingFunctionName | guards | -| autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:87:68:88 | "" | receiverName | attrVal | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | argumentIndex | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | calleeAccessPath | | | autogenerated/Xss/UnsafeHtmlConstruction/main.js:68:93:68:98 | "\\"/>" | calleeAccessPathWithStructuralInfo | | @@ -46416,22 +39620,6 @@ tokenFeatures | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | enclosingFunctionBody | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | enclosingFunctionName | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:5:163:54 | somethi ... target) | receiverName | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | argumentIndex | 0 | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | calleeAccessPath | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | calleeApiName | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | calleeName | replace | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | enclosingFunctionBody | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | enclosingFunctionName | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:23:163:37 | "%PLACEHOLDER%" | receiverName | something | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | argumentIndex | 1 | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | calleeAccessPath | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | calleeApiName | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | calleeName | replace | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | enclosingFunctionBody | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | enclosingFunctionName | | -| autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:163:40:163:53 | options.target | receiverName | something | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | argumentIndex | 0 | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | calleeAccessPath | | | autogenerated/Xss/UnsafeJQueryPlugin/unsafe-jquery-plugin.js:167:6:167:11 | target | calleeAccessPathWithStructuralInfo | | @@ -47568,14 +40756,6 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | enclosingFunctionName | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:16:86:37 | anser.a ... l(text) | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | argumentIndex | 0 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | calleeAccessPath | anser ansiToHtml | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | calleeAccessPathWithStructuralInfo | anser member ansiToHtml instanceorreturn | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | calleeApiName | anser | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | calleeName | ansiToHtml | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:86:33:86:36 | text | receiverName | anser | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | argumentIndex | 0 | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | calleeAccessPath | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:4:87:8 | "#id" | calleeAccessPathWithStructuralInfo | | @@ -47592,14 +40772,6 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | enclosingFunctionName | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:16:87:40 | new ans ... s(text) | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | argumentIndex | 0 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | calleeAccessPath | anser process | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | calleeAccessPathWithStructuralInfo | anser instanceorreturn member process instanceorreturn | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | calleeApiName | anser | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | calleeName | process | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:87:36:87:39 | text | receiverName | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | argumentIndex | 0 | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | calleeAccessPath | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:89:4:89:15 | "section h1" | calleeAccessPathWithStructuralInfo | | @@ -47656,38 +40828,6 @@ tokenFeatures | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | enclosingFunctionName | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:39:90:42 | this | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | argumentIndex | 0 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | calleeAccessPath | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | calleeApiName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | calleeName | replace | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:74:90:77 | / /g | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | argumentIndex | 1 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | calleeAccessPath | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | calleeApiName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | calleeName | replace | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:80:90:82 | '-' | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | argumentIndex | 0 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | calleeAccessPath | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | calleeApiName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | calleeName | replace | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:93:90:102 | /[^\\w-]+/g | receiverName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | argumentIndex | 1 | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | calleeAccessPath | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | calleeAccessPathWithStructuralInfo | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | calleeApiName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | calleeName | replace | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | enclosingFunctionBody | $ #id html $ textarea val $ #id html $ .some-element text $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr foo bar $ #id html $ .some-element attr data-target $ #id html document getElementById foo innerText $ #id html document getElementById foo innerHTML $ #id html document getElementById foo textContent $ #id html document 0 querySelectorAll textarea 0 value $ #id html document getElementById div1 getAttribute data-target safe1 x x jquery foo $ x safe1 $ textarea val safe2 x x object foo $ x safe2 $ textarea val $ #id html $

something

text $ #id get 0 innerHTML $ textarea val base $ #id base html html text $ textarea val $ #id get 0 innerHTML $ input get 0 name $ #id get 0 innerHTML $ input get 0 getAttribute name $ #id get 0 innerHTML $ input getAttribute id $ #id get 0 innerHTML $ document find option attr value valMethod $ textarea val $ #id get 0 innerHTML valMethod myValue $ document find option attr value myValue property $ #id get 0 innerHTML myValue $ jGrowl $ input get 0 name selector $ input get 0 name something selector $ textarea val $ selector $ document my_form my_input value $ #id html $ #foo prop innerText anser require anser text $ text text $ #id html anser ansiToHtml text $ #id html anser process text $ section h1 each $ nav ul append Section | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | enclosingFunctionName | | -| autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:104:90:105 | '' | receiverName | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | argumentIndex | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | calleeAccessPath | | | autogenerated/Xss/XssThroughDom/xss-through-dom.js:90:110:90:124 | "'>Section" | calleeAccessPathWithStructuralInfo | | diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointData.expected b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointData.expected index fd37b57b97a..0bef2defe7d 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointData.expected +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointData.expected @@ -251,6 +251,50 @@ endpoints | index.js:78:30:78:39 | "someData" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | index.js:78:30:78:39 | "someData" | Xss | notASinkReason | LoggerMethod | string | | index.js:78:30:78:39 | "someData" | Xss | sinkLabel | NotASink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | sinkLabel | NotASink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | sinkLabel | NotASink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | sinkLabel | NotASink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | SqlInjection | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | SqlInjection | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | SqlInjection | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | SqlInjection | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | TaintedPath | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | TaintedPath | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | TaintedPath | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | TaintedPath | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | Xss | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | Xss | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | Xss | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | Xss | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | Xss | sinkLabel | NotASink | string | tokenFeatures | applications/examples/static/epydoc/epydoc.js:2:15:2:33 | "Should be ignored" | argumentIndex | 0 | | applications/examples/static/epydoc/epydoc.js:2:15:2:33 | "Should be ignored" | calleeAccessPath | | @@ -412,3 +456,19 @@ tokenFeatures | index.js:78:30:78:39 | "someData" | enclosingFunctionBody | console log someData | | index.js:78:30:78:39 | "someData" | enclosingFunctionName | identity#functionalargument | | index.js:78:30:78:39 | "someData" | receiverName | console | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | argumentIndex | 0 | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeAccessPath | | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeAccessPathWithStructuralInfo | | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeApiName | | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeName | ajax | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | enclosingFunctionBody | foo $ ajax url foo bar | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | enclosingFunctionName | effectiveSinkAndNotASink | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | receiverName | $ | +| index.js:84:12:84:18 | foo.bar | argumentIndex | | +| index.js:84:12:84:18 | foo.bar | calleeAccessPath | | +| index.js:84:12:84:18 | foo.bar | calleeAccessPathWithStructuralInfo | | +| index.js:84:12:84:18 | foo.bar | calleeApiName | | +| index.js:84:12:84:18 | foo.bar | calleeName | | +| index.js:84:12:84:18 | foo.bar | enclosingFunctionBody | foo $ ajax url foo bar | +| index.js:84:12:84:18 | foo.bar | enclosingFunctionName | effectiveSinkAndNotASink | +| index.js:84:12:84:18 | foo.bar | receiverName | | diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointDataEvaluation.expected b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointDataEvaluation.expected index b2e6fa5ffff..29691330aaf 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointDataEvaluation.expected +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointDataEvaluation.expected @@ -231,6 +231,50 @@ endpoints | index.js:78:30:78:39 | "someData" | Xss | isExcludedFromEndToEndEvaluation | false | boolean | | index.js:78:30:78:39 | "someData" | Xss | notASinkReason | LoggerMethod | string | | index.js:78:30:78:39 | "someData" | Xss | sinkLabel | NotASink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | sinkLabel | NotASink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | sinkLabel | NotASink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | sinkLabel | NotASink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | SqlInjection | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | SqlInjection | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | SqlInjection | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | SqlInjection | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | TaintedPath | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | TaintedPath | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | TaintedPath | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | TaintedPath | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | Xss | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | Xss | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | Xss | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | Xss | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | Xss | sinkLabel | NotASink | string | tokenFeatures | index.js:1:25:1:33 | "express" | argumentIndex | 0 | | index.js:1:25:1:33 | "express" | calleeAccessPath | | @@ -384,3 +428,19 @@ tokenFeatures | index.js:78:30:78:39 | "someData" | enclosingFunctionBody | console log someData | | index.js:78:30:78:39 | "someData" | enclosingFunctionName | identity#functionalargument | | index.js:78:30:78:39 | "someData" | receiverName | console | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | argumentIndex | 0 | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeAccessPath | | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeAccessPathWithStructuralInfo | | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeApiName | | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeName | ajax | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | enclosingFunctionBody | foo $ ajax url foo bar | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | enclosingFunctionName | effectiveSinkAndNotASink | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | receiverName | $ | +| index.js:84:12:84:18 | foo.bar | argumentIndex | | +| index.js:84:12:84:18 | foo.bar | calleeAccessPath | | +| index.js:84:12:84:18 | foo.bar | calleeAccessPathWithStructuralInfo | | +| index.js:84:12:84:18 | foo.bar | calleeApiName | | +| index.js:84:12:84:18 | foo.bar | calleeName | | +| index.js:84:12:84:18 | foo.bar | enclosingFunctionBody | foo $ ajax url foo bar | +| index.js:84:12:84:18 | foo.bar | enclosingFunctionName | effectiveSinkAndNotASink | +| index.js:84:12:84:18 | foo.bar | receiverName | | diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointDataTraining.expected b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointDataTraining.expected index 80606c127ec..a4e2b0f6e8a 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointDataTraining.expected +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/ExtractEndpointDataTraining.expected @@ -31,6 +31,50 @@ endpoints | index.js:28:13:28:28 | UNDEFINED_GLOBAL | NosqlInjection | isConstantExpression | false | boolean | | index.js:28:13:28:28 | UNDEFINED_GLOBAL | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | | index.js:28:13:28:28 | UNDEFINED_GLOBAL | NosqlInjection | sinkLabel | Sink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | NosqlInjection | sinkLabel | NotASink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | SqlInjection | sinkLabel | NotASink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | TaintedPath | sinkLabel | NotASink | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | hasFlowFromSource | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | isConstantExpression | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | notASinkReason | ClientRequest | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | notASinkReason | JQueryArgument | string | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | Xss | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | NosqlInjection | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | SqlInjection | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | SqlInjection | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | SqlInjection | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | SqlInjection | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | SqlInjection | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | TaintedPath | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | TaintedPath | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | TaintedPath | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | TaintedPath | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | TaintedPath | sinkLabel | NotASink | string | +| index.js:84:12:84:18 | foo.bar | Xss | hasFlowFromSource | false | boolean | +| index.js:84:12:84:18 | foo.bar | Xss | isConstantExpression | false | boolean | +| index.js:84:12:84:18 | foo.bar | Xss | isExcludedFromEndToEndEvaluation | false | boolean | +| index.js:84:12:84:18 | foo.bar | Xss | notASinkReason | ClientRequest | string | +| index.js:84:12:84:18 | foo.bar | Xss | sinkLabel | NotASink | string | tokenFeatures | index.js:9:15:9:45 | { 'isAd ... Admin } | argumentIndex | 0 | | index.js:9:15:9:45 | { 'isAd ... Admin } | calleeAccessPath | mongoose model find | @@ -64,3 +108,19 @@ tokenFeatures | index.js:28:13:28:28 | UNDEFINED_GLOBAL | enclosingFunctionBody | User find UNDEFINED_GLOBAL | | index.js:28:13:28:28 | UNDEFINED_GLOBAL | enclosingFunctionName | notConstantExpression | | index.js:28:13:28:28 | UNDEFINED_GLOBAL | receiverName | User | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | argumentIndex | 0 | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeAccessPath | | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeAccessPathWithStructuralInfo | | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeApiName | | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | calleeName | ajax | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | enclosingFunctionBody | foo $ ajax url foo bar | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | enclosingFunctionName | effectiveSinkAndNotASink | +| index.js:83:10:85:3 | {\\n " ... ar,\\n } | receiverName | $ | +| index.js:84:12:84:18 | foo.bar | argumentIndex | | +| index.js:84:12:84:18 | foo.bar | calleeAccessPath | | +| index.js:84:12:84:18 | foo.bar | calleeAccessPathWithStructuralInfo | | +| index.js:84:12:84:18 | foo.bar | calleeApiName | | +| index.js:84:12:84:18 | foo.bar | calleeName | | +| index.js:84:12:84:18 | foo.bar | enclosingFunctionBody | foo $ ajax url foo bar | +| index.js:84:12:84:18 | foo.bar | enclosingFunctionName | effectiveSinkAndNotASink | +| index.js:84:12:84:18 | foo.bar | receiverName | | diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/index.js b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/index.js index 4ee062c8a0c..8fd098dc473 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/index.js +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_unit_tests/index.js @@ -77,3 +77,10 @@ function veryLongFunctionBody() { // We should name the anonymous function here that's passed as an argument to `identity`. identity(() => console.log("someData")); } + + +function effectiveSinkAndNotASink(foo) { + $.ajax({ + "url": foo.bar, + }); +} diff --git a/javascript/ql/experimental/adaptivethreatmodeling/test/modeled_apis/nosql_endpoint_filter_ignores_modeled_apis.expected b/javascript/ql/experimental/adaptivethreatmodeling/test/modeled_apis/nosql_endpoint_filter_ignores_modeled_apis.expected index 26adbc1302c..4babd3e5c95 100644 --- a/javascript/ql/experimental/adaptivethreatmodeling/test/modeled_apis/nosql_endpoint_filter_ignores_modeled_apis.expected +++ b/javascript/ql/experimental/adaptivethreatmodeling/test/modeled_apis/nosql_endpoint_filter_ignores_modeled_apis.expected @@ -1,4 +1,3 @@ | index.js:5:23:5:52 | "mongod ... ePort/" | | index.js:5:55:15:3 | (err, d ... });\\n } | | index.js:10:79:14:5 | (err, r ... ;\\n } | -| index.js:20:21:20:31 | window.name | diff --git a/javascript/ql/lib/CHANGELOG.md b/javascript/ql/lib/CHANGELOG.md index d916a226c7f..5e6da94c322 100644 --- a/javascript/ql/lib/CHANGELOG.md +++ b/javascript/ql/lib/CHANGELOG.md @@ -1,3 +1,20 @@ +## 0.0.14 + +## 0.0.13 + +### Deprecated APIs + +* Some predicates from `DefUse.qll`, `DataFlow.qll`, `TaintTracking.qll`, `DOM.qll`, `Definitions.qll` that weren't used by any query have been deprecated. + The documentation for each predicate points to an alternative. +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. +* Some modules that started with a lowercase letter have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### Minor Analysis Improvements + +* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. + ## 0.0.12 ### Major Analysis Improvements diff --git a/javascript/ql/lib/change-notes/2022-02-07-deleted-deprecations.md b/javascript/ql/lib/change-notes/2022-02-07-deleted-deprecations.md deleted file mode 100644 index e8da1e8e158..00000000000 --- a/javascript/ql/lib/change-notes/2022-02-07-deleted-deprecations.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. \ No newline at end of file diff --git a/javascript/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md b/javascript/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md deleted file mode 100644 index a79f286aacd..00000000000 --- a/javascript/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: deprecated ---- -* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. - The old name still exists as a deprecated alias. \ No newline at end of file diff --git a/javascript/ql/lib/change-notes/2022-02-07-deprecated-modules.md b/javascript/ql/lib/change-notes/2022-02-07-deprecated-modules.md deleted file mode 100644 index 561f68a150c..00000000000 --- a/javascript/ql/lib/change-notes/2022-02-07-deprecated-modules.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: deprecated ---- -* Some modules that started with a lowercase letter have been renamed to follow our style-guide. - The old name still exists as a deprecated alias. \ No newline at end of file diff --git a/javascript/ql/lib/change-notes/2022-02-14-deprecated-predicates.md b/javascript/ql/lib/change-notes/2022-02-14-deprecated-predicates.md deleted file mode 100644 index 1b8bc1d53e8..00000000000 --- a/javascript/ql/lib/change-notes/2022-02-14-deprecated-predicates.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: deprecated ---- -* Some predicates from `DefUse.qll`, `DataFlow.qll`, `TaintTracking.qll`, `DOM.qll`, `Definitions.qll` that weren't used by any query have been deprecated. - The documentation for each predicate points to an alternative. diff --git a/javascript/ql/lib/change-notes/released/0.0.13.md b/javascript/ql/lib/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..4e235b48c02 --- /dev/null +++ b/javascript/ql/lib/change-notes/released/0.0.13.md @@ -0,0 +1,14 @@ +## 0.0.13 + +### Deprecated APIs + +* Some predicates from `DefUse.qll`, `DataFlow.qll`, `TaintTracking.qll`, `DOM.qll`, `Definitions.qll` that weren't used by any query have been deprecated. + The documentation for each predicate points to an alternative. +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. +* Some modules that started with a lowercase letter have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### Minor Analysis Improvements + +* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. diff --git a/javascript/ql/lib/change-notes/released/0.0.14.md b/javascript/ql/lib/change-notes/released/0.0.14.md new file mode 100644 index 00000000000..52121a21e02 --- /dev/null +++ b/javascript/ql/lib/change-notes/released/0.0.14.md @@ -0,0 +1 @@ +## 0.0.14 diff --git a/javascript/ql/lib/codeql-pack.release.yml b/javascript/ql/lib/codeql-pack.release.yml index 997fb8da83c..ca29e45d0a6 100644 --- a/javascript/ql/lib/codeql-pack.release.yml +++ b/javascript/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.12 +lastReleaseVersion: 0.0.14 diff --git a/javascript/ql/lib/qlpack.yml b/javascript/ql/lib/qlpack.yml index 306591ab074..79995fb6712 100644 --- a/javascript/ql/lib/qlpack.yml +++ b/javascript/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-all -version: 0.0.13-dev +version: 0.1.0-dev groups: javascript dbscheme: semmlecode.javascript.dbscheme extractor: javascript diff --git a/javascript/ql/lib/semmle/javascript/Arrays.qll b/javascript/ql/lib/semmle/javascript/Arrays.qll index bc0af1a06fd..0433b1b5681 100644 --- a/javascript/ql/lib/semmle/javascript/Arrays.qll +++ b/javascript/ql/lib/semmle/javascript/Arrays.qll @@ -45,9 +45,20 @@ module ArrayTaintTracking { ) or // `array.reduce` with tainted value in callback + // The callback parameters are: (previousValue, currentValue, currentIndex, array) call.(DataFlow::MethodCallNode).getMethodName() = "reduce" and - pred = call.getArgument(0).(DataFlow::FunctionNode).getAReturn() and // Require the argument to be a closure to avoid spurious call/return flow - succ = call + exists(DataFlow::FunctionNode callback | + callback = call.getArgument(0) // Require the argument to be a closure to avoid spurious call/return flow + | + pred = callback.getAReturn() and + succ = call + or + pred = call.getReceiver() and + succ = callback.getParameter([1, 3]) // into currentValue or array + or + pred = [call.getArgument(1), callback.getAReturn()] and + succ = callback.getParameter(0) // into previousValue + ) or // `array.push(e)`, `array.unshift(e)`: if `e` is tainted, then so is `array`. pred = call.getAnArgument() and diff --git a/javascript/ql/lib/semmle/javascript/DOM.qll b/javascript/ql/lib/semmle/javascript/DOM.qll index bca70363c67..b8db6dad5a7 100644 --- a/javascript/ql/lib/semmle/javascript/DOM.qll +++ b/javascript/ql/lib/semmle/javascript/DOM.qll @@ -430,6 +430,12 @@ module DOM { result.hasUnderlyingType("Element") or result.hasUnderlyingType(any(string s | s.matches("HTML%Element"))) + or + exists(DataFlow::ClassNode cls | + cls.getASuperClassNode().getALocalSource() = + DataFlow::globalVarRef(any(string s | s.matches("HTML%Element"))) and + result = cls.getAnInstanceReference() + ) } module LocationSource { diff --git a/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll b/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll index c0a47d39d83..dbf42435613 100644 --- a/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll +++ b/javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll @@ -786,6 +786,8 @@ class MemberKind extends string { predicate isAccessor() { this = MemberKind::accessor() } } +private import internal.StepSummary + module MemberKind { /** Gets the kind of a method, such as `m() {}` */ MemberKind method() { result = "method" } @@ -960,7 +962,16 @@ class ClassNode extends DataFlow::SourceNode instanceof ClassNode::Range { result.getAstNode().getFile() = this.getAstNode().getFile() ) or - exists(DataFlow::TypeTracker t2 | result = this.getAClassReference(t2).track(t2, t)) + result = this.getAClassReferenceRec(t) + } + + pragma[noopt] + private DataFlow::SourceNode getAClassReferenceRec(DataFlow::TypeTracker t) { + exists(DataFlow::TypeTracker t2, StepSummary summary, DataFlow::SourceNode prev | + prev = this.getAClassReference(t2) and + StepSummary::step(prev, result, summary) and + t = t2.append(summary) + ) } /** diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Handlebars.qll b/javascript/ql/lib/semmle/javascript/frameworks/Handlebars.qll index 40c52849c25..8eb3b5d7eae 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Handlebars.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Handlebars.qll @@ -27,3 +27,133 @@ module Handlebars { SafeString() { this = any(Handlebars h).getAConstructorInvocation("SafeString") } } } + +/** Provides logic for taint steps for the handlebars library. */ +private module HandlebarsTaintSteps { + /** + * Gets a reference to a compiled Handlebars template. + */ + private DataFlow::SourceNode compiledTemplate(DataFlow::CallNode compileCall) { + result = compiledTemplate(DataFlow::TypeTracker::end(), compileCall) + } + + private DataFlow::SourceNode compiledTemplate( + DataFlow::TypeTracker t, DataFlow::CallNode compileCall + ) { + t.start() and + result = any(Handlebars::Handlebars hb).getAMethodCall(["compile", "template"]) and + result = compileCall + or + exists(DataFlow::TypeTracker t2 | result = compiledTemplate(t2, compileCall).track(t2, t)) + } + + /** + * Gets a reference to a parameter of a registered Handlebars helper. + * + * ```javascript + * function loudHelper(text) { + * return text.toUpperCase(); + * } + * + * hb.registerHelper("loud", loudHelper); + * ``` + * In this example, `getRegisteredHelperParameter("loud", func, 0)` will bind `func` to + * the `FunctionNode` representing `function loudHelper`, and return its parameter `text`. + */ + private DataFlow::ParameterNode getRegisteredHelperParam( + string helperName, DataFlow::FunctionNode helperFunction, int paramIndex + ) { + exists(DataFlow::CallNode registerHelperCall | + registerHelperCall = any(Handlebars::Handlebars hb).getAMemberCall("registerHelper") and + registerHelperCall.getArgument(0).mayHaveStringValue(helperName) and + helperFunction = registerHelperCall.getArgument(1).getAFunctionValue() and + result = helperFunction.getParameter(paramIndex) + ) + } + + /** + * Gets a `call` (which is a block wrapped inside curly braces inside the template) from `templateText`. + * + * For example, `getAHelperCallFromTemplate("Hello {{loud customer}}")` will return `"loud customer"`. + */ + bindingset[templateText] + private string getAHelperCallFromTemplate(string templateText) { + result = templateText.regexpFind("\\{\\{[^}]+\\}\\}", _, _).regexpReplaceAll("[{}]", "").trim() and + result.regexpMatch(".*\\s.*") + } + + /** + * Holds for calls to helpers from handlebars templates. + * + * ```javascript + * hb.compile("contents of file {{path}} are: {{catFile path}} {{echo p1 p2}}"); + * ``` + * + * In the example, the predicate will hold for: + * + * * helperName="catFile", argIdx=1, arg="path" + * * helperName="echo", argIdx=1, arg="p1" + * * helperName="echo", argIdx=2, arg="p2" + * + * The initial `{{path}}` will not be considered, as it has no arguments. + */ + bindingset[templateText] + private predicate isTemplateHelperCallArg( + string templateText, string helperName, int argIdx, string argVal + ) { + exists(string call | call = getAHelperCallFromTemplate(templateText) | + helperName = call.regexpFind("[^\\s]+", 0, _) and + argIdx >= 0 and + argVal = call.regexpFind("[^\\s]+", argIdx + 1, _) + ) + } + + /** + * Holds if there's a step from `pred` to `succ` due to templating data being + * passed from a templating call to a registered helper via a parameter. + * + * To establish the step, we look at the template passed to `compile`, and will + * only track steps from templates to helpers they actually reference. + * + * ```javascript + * function loudHelper(text) { + * // ^^^^ succ + * return text.toUpperCase(); + * } + * + * hb.registerHelper("loud", loudHelper); + * + * const template = hb.compile("Hello, {{loud name}}!"); + * + * template({name: "user"}); + * // ^^^^^^ pred + * ``` + */ + private predicate isHandlebarsArgStep(DataFlow::Node pred, DataFlow::Node succ) { + exists( + string helperName, DataFlow::CallNode templatingCall, DataFlow::CallNode compileCall, + DataFlow::FunctionNode helperFunction + | + templatingCall = compiledTemplate(compileCall).getACall() and + exists(string templateText, string paramName, int argIdx | + compileCall.getArgument(0).mayHaveStringValue(templateText) + | + pred = templatingCall.getArgument(0).getALocalSource().getAPropertyWrite(paramName).getRhs() and + isTemplateHelperCallArg(templateText, helperName, argIdx, paramName) and + succ = getRegisteredHelperParam(helperName, helperFunction, argIdx) + ) + ) + } + + /** + * A shared flow step from passing data to a handlebars template with + * helpers registered. + */ + class HandlebarsStep extends DataFlow::SharedFlowStep { + DataFlow::CallNode templatingCall; + + override predicate step(DataFlow::Node pred, DataFlow::Node succ) { + isHandlebarsArgStep(pred, succ) + } + } +} diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll index bc84ba5eb77..c094d82163c 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/TaintedPathCustomizations.qll @@ -850,7 +850,7 @@ module TaintedPath { /** * Holds if we should include a step from `src -> dst` with labels `srclabel -> dstlabel`, and the - * standard taint step `src -> dst` should be suppresesd. + * standard taint step `src -> dst` should be suppressed. */ private predicate isPosixPathStep( DataFlow::Node src, DataFlow::Node dst, Label::PosixPath srclabel, Label::PosixPath dstlabel diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll index c322de19a6f..a274d9bc407 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomCustomizations.qll @@ -162,6 +162,11 @@ module XssThroughDom { } } + /** The `files` property of an `` element */ + class FilesSource extends Source { + FilesSource() { this = DOM::domValueRef().getAPropertyRead("files") } + } + /** * A module for form inputs seen as sources for xss-through-dom. */ diff --git a/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomQuery.qll b/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomQuery.qll index e0b2c69e566..3a1de12ab26 100644 --- a/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomQuery.qll +++ b/javascript/ql/lib/semmle/javascript/security/dataflow/XssThroughDomQuery.qll @@ -36,6 +36,11 @@ class Configuration extends TaintTracking::Configuration { DomBasedXss::isOptionallySanitizedEdge(pred, succ) } + override predicate isAdditionalTaintStep(DataFlow::Node pred, DataFlow::Node succ) { + succ = DataFlow::globalVarRef("URL").getAMemberCall("createObjectURL") and + pred = succ.(DataFlow::InvokeNode).getArgument(0) + } + override predicate hasFlowPath(DataFlow::SourcePathNode src, DataFlow::SinkPathNode sink) { super.hasFlowPath(src, sink) and // filtering away readings of `src` that end in a URL sink. diff --git a/javascript/ql/src/CHANGELOG.md b/javascript/ql/src/CHANGELOG.md index ff7152ddc0a..d8e45f6ceb8 100644 --- a/javascript/ql/src/CHANGELOG.md +++ b/javascript/ql/src/CHANGELOG.md @@ -1,3 +1,13 @@ +## 0.0.14 + +## 0.0.13 + +### Minor Analysis Improvements + +* Fixed an issue that would sometimes prevent the data-flow analysis from finding flow + paths through a function that stores its result on an object. + This may lead to more results for the security queries. + ## 0.0.12 ## 0.0.11 diff --git a/javascript/ql/src/change-notes/2022-04-07-missing-flow-fixes.md b/javascript/ql/src/change-notes/2022-04-07-missing-flow-fixes.md new file mode 100644 index 00000000000..f544a5364aa --- /dev/null +++ b/javascript/ql/src/change-notes/2022-04-07-missing-flow-fixes.md @@ -0,0 +1,5 @@ +--- +category: minorAnalysis +--- +* Improved handling of custom DOM elements, potentially leading to more alerts for the XSS queries. +* Improved taint tracking through calls to the `Array.prototype.reduce` function. diff --git a/javascript/ql/src/change-notes/2022-03-18-store-load-flow-context-sensitivity-bug.md b/javascript/ql/src/change-notes/released/0.0.13.md similarity index 82% rename from javascript/ql/src/change-notes/2022-03-18-store-load-flow-context-sensitivity-bug.md rename to javascript/ql/src/change-notes/released/0.0.13.md index c9275680e00..8b07d94c17e 100644 --- a/javascript/ql/src/change-notes/2022-03-18-store-load-flow-context-sensitivity-bug.md +++ b/javascript/ql/src/change-notes/released/0.0.13.md @@ -1,6 +1,7 @@ ---- -category: minorAnalysis ---- +## 0.0.13 + +### Minor Analysis Improvements + * Fixed an issue that would sometimes prevent the data-flow analysis from finding flow paths through a function that stores its result on an object. This may lead to more results for the security queries. diff --git a/javascript/ql/src/change-notes/released/0.0.14.md b/javascript/ql/src/change-notes/released/0.0.14.md new file mode 100644 index 00000000000..52121a21e02 --- /dev/null +++ b/javascript/ql/src/change-notes/released/0.0.14.md @@ -0,0 +1 @@ +## 0.0.14 diff --git a/javascript/ql/src/codeql-pack.release.yml b/javascript/ql/src/codeql-pack.release.yml index 997fb8da83c..ca29e45d0a6 100644 --- a/javascript/ql/src/codeql-pack.release.yml +++ b/javascript/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.12 +lastReleaseVersion: 0.0.14 diff --git a/javascript/ql/src/qlpack.yml b/javascript/ql/src/qlpack.yml index b72f7230ac9..2cba7e14838 100644 --- a/javascript/ql/src/qlpack.yml +++ b/javascript/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/javascript-queries -version: 0.0.13-dev +version: 0.1.0-dev groups: - javascript - queries diff --git a/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected b/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected index 911cec45d95..12fdd69e80f 100644 --- a/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected +++ b/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected @@ -16,6 +16,7 @@ typeInferenceMismatch | arrays.js:2:15:2:22 | source() | arrays.js:8:10:8:22 | arrayIfy(foo) | | arrays.js:2:15:2:22 | source() | arrays.js:11:10:11:28 | union(["bla"], foo) | | arrays.js:2:15:2:22 | source() | arrays.js:14:10:14:18 | flat(foo) | +| arrays.js:2:15:2:22 | source() | arrays.js:19:10:19:12 | res | | booleanOps.js:2:11:2:18 | source() | booleanOps.js:4:8:4:8 | x | | booleanOps.js:2:11:2:18 | source() | booleanOps.js:13:10:13:10 | x | | booleanOps.js:2:11:2:18 | source() | booleanOps.js:19:10:19:10 | x | diff --git a/javascript/ql/test/library-tests/TaintTracking/arrays.js b/javascript/ql/test/library-tests/TaintTracking/arrays.js index 44c9abf50f1..b99e2058d80 100644 --- a/javascript/ql/test/library-tests/TaintTracking/arrays.js +++ b/javascript/ql/test/library-tests/TaintTracking/arrays.js @@ -12,4 +12,9 @@ function test() { const flat = require("arr-flatten"); sink(flat(foo)); // NOT OK -} \ No newline at end of file + + let res = foo.reduce((prev, current) => { + return prev + '' + current + ''; + }, ''); + sink(res); // NOT OK +} diff --git a/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected b/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected index 595c0f39cb9..e8ca5f0f5ff 100644 --- a/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected +++ b/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected @@ -1541,6 +1541,34 @@ nodes | express.js:8:20:8:32 | req.query.bar | | express.js:8:20:8:32 | req.query.bar | | express.js:8:20:8:32 | req.query.bar | +| handlebars.js:10:51:10:58 | filePath | +| handlebars.js:10:51:10:58 | filePath | +| handlebars.js:10:51:10:58 | filePath | +| handlebars.js:10:51:10:58 | filePath | +| handlebars.js:11:32:11:39 | filePath | +| handlebars.js:11:32:11:39 | filePath | +| handlebars.js:11:32:11:39 | filePath | +| handlebars.js:11:32:11:39 | filePath | +| handlebars.js:11:32:11:39 | filePath | +| handlebars.js:13:73:13:80 | filePath | +| handlebars.js:13:73:13:80 | filePath | +| handlebars.js:13:73:13:80 | filePath | +| handlebars.js:13:73:13:80 | filePath | +| handlebars.js:15:25:15:32 | filePath | +| handlebars.js:15:25:15:32 | filePath | +| handlebars.js:15:25:15:32 | filePath | +| handlebars.js:15:25:15:32 | filePath | +| handlebars.js:15:25:15:32 | filePath | +| handlebars.js:29:46:29:60 | req.params.path | +| handlebars.js:29:46:29:60 | req.params.path | +| handlebars.js:29:46:29:60 | req.params.path | +| handlebars.js:29:46:29:60 | req.params.path | +| handlebars.js:29:46:29:60 | req.params.path | +| handlebars.js:43:15:43:29 | req.params.path | +| handlebars.js:43:15:43:29 | req.params.path | +| handlebars.js:43:15:43:29 | req.params.path | +| handlebars.js:43:15:43:29 | req.params.path | +| handlebars.js:43:15:43:29 | req.params.path | | normalizedPaths.js:11:7:11:27 | path | | normalizedPaths.js:11:7:11:27 | path | | normalizedPaths.js:11:7:11:27 | path | @@ -6414,6 +6442,38 @@ edges | TaintedPath.js:211:24:211:30 | req.url | TaintedPath.js:211:14:211:37 | url.par ... , true) | | TaintedPath.js:211:24:211:30 | req.url | TaintedPath.js:211:14:211:37 | url.par ... , true) | | express.js:8:20:8:32 | req.query.bar | express.js:8:20:8:32 | req.query.bar | +| handlebars.js:10:51:10:58 | filePath | handlebars.js:11:32:11:39 | filePath | +| handlebars.js:10:51:10:58 | filePath | handlebars.js:11:32:11:39 | filePath | +| handlebars.js:10:51:10:58 | filePath | handlebars.js:11:32:11:39 | filePath | +| handlebars.js:10:51:10:58 | filePath | handlebars.js:11:32:11:39 | filePath | +| handlebars.js:10:51:10:58 | filePath | handlebars.js:11:32:11:39 | filePath | +| handlebars.js:10:51:10:58 | filePath | handlebars.js:11:32:11:39 | filePath | +| handlebars.js:10:51:10:58 | filePath | handlebars.js:11:32:11:39 | filePath | +| handlebars.js:10:51:10:58 | filePath | handlebars.js:11:32:11:39 | filePath | +| handlebars.js:13:73:13:80 | filePath | handlebars.js:15:25:15:32 | filePath | +| handlebars.js:13:73:13:80 | filePath | handlebars.js:15:25:15:32 | filePath | +| handlebars.js:13:73:13:80 | filePath | handlebars.js:15:25:15:32 | filePath | +| handlebars.js:13:73:13:80 | filePath | handlebars.js:15:25:15:32 | filePath | +| handlebars.js:13:73:13:80 | filePath | handlebars.js:15:25:15:32 | filePath | +| handlebars.js:13:73:13:80 | filePath | handlebars.js:15:25:15:32 | filePath | +| handlebars.js:13:73:13:80 | filePath | handlebars.js:15:25:15:32 | filePath | +| handlebars.js:13:73:13:80 | filePath | handlebars.js:15:25:15:32 | filePath | +| handlebars.js:29:46:29:60 | req.params.path | handlebars.js:10:51:10:58 | filePath | +| handlebars.js:29:46:29:60 | req.params.path | handlebars.js:10:51:10:58 | filePath | +| handlebars.js:29:46:29:60 | req.params.path | handlebars.js:10:51:10:58 | filePath | +| handlebars.js:29:46:29:60 | req.params.path | handlebars.js:10:51:10:58 | filePath | +| handlebars.js:29:46:29:60 | req.params.path | handlebars.js:10:51:10:58 | filePath | +| handlebars.js:29:46:29:60 | req.params.path | handlebars.js:10:51:10:58 | filePath | +| handlebars.js:29:46:29:60 | req.params.path | handlebars.js:10:51:10:58 | filePath | +| handlebars.js:29:46:29:60 | req.params.path | handlebars.js:10:51:10:58 | filePath | +| handlebars.js:43:15:43:29 | req.params.path | handlebars.js:13:73:13:80 | filePath | +| handlebars.js:43:15:43:29 | req.params.path | handlebars.js:13:73:13:80 | filePath | +| handlebars.js:43:15:43:29 | req.params.path | handlebars.js:13:73:13:80 | filePath | +| handlebars.js:43:15:43:29 | req.params.path | handlebars.js:13:73:13:80 | filePath | +| handlebars.js:43:15:43:29 | req.params.path | handlebars.js:13:73:13:80 | filePath | +| handlebars.js:43:15:43:29 | req.params.path | handlebars.js:13:73:13:80 | filePath | +| handlebars.js:43:15:43:29 | req.params.path | handlebars.js:13:73:13:80 | filePath | +| handlebars.js:43:15:43:29 | req.params.path | handlebars.js:13:73:13:80 | filePath | | normalizedPaths.js:11:7:11:27 | path | normalizedPaths.js:13:19:13:22 | path | | normalizedPaths.js:11:7:11:27 | path | normalizedPaths.js:13:19:13:22 | path | | normalizedPaths.js:11:7:11:27 | path | normalizedPaths.js:13:19:13:22 | path | @@ -9844,6 +9904,8 @@ edges | TaintedPath.js:213:45:213:48 | path | TaintedPath.js:211:24:211:30 | req.url | TaintedPath.js:213:45:213:48 | path | This path depends on $@. | TaintedPath.js:211:24:211:30 | req.url | a user-provided value | | TaintedPath.js:214:35:214:38 | path | TaintedPath.js:211:24:211:30 | req.url | TaintedPath.js:214:35:214:38 | path | This path depends on $@. | TaintedPath.js:211:24:211:30 | req.url | a user-provided value | | express.js:8:20:8:32 | req.query.bar | express.js:8:20:8:32 | req.query.bar | express.js:8:20:8:32 | req.query.bar | This path depends on $@. | express.js:8:20:8:32 | req.query.bar | a user-provided value | +| handlebars.js:11:32:11:39 | filePath | handlebars.js:29:46:29:60 | req.params.path | handlebars.js:11:32:11:39 | filePath | This path depends on $@. | handlebars.js:29:46:29:60 | req.params.path | a user-provided value | +| handlebars.js:15:25:15:32 | filePath | handlebars.js:43:15:43:29 | req.params.path | handlebars.js:15:25:15:32 | filePath | This path depends on $@. | handlebars.js:43:15:43:29 | req.params.path | a user-provided value | | normalizedPaths.js:13:19:13:22 | path | normalizedPaths.js:11:14:11:27 | req.query.path | normalizedPaths.js:13:19:13:22 | path | This path depends on $@. | normalizedPaths.js:11:14:11:27 | req.query.path | a user-provided value | | normalizedPaths.js:14:19:14:29 | './' + path | normalizedPaths.js:11:14:11:27 | req.query.path | normalizedPaths.js:14:19:14:29 | './' + path | This path depends on $@. | normalizedPaths.js:11:14:11:27 | req.query.path | a user-provided value | | normalizedPaths.js:15:19:15:38 | path + '/index.html' | normalizedPaths.js:11:14:11:27 | req.query.path | normalizedPaths.js:15:19:15:38 | path + '/index.html' | This path depends on $@. | normalizedPaths.js:11:14:11:27 | req.query.path | a user-provided value | diff --git a/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/handlebars.js b/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/handlebars.js new file mode 100644 index 00000000000..512b851592a --- /dev/null +++ b/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/handlebars.js @@ -0,0 +1,52 @@ +const express = require('express'); +const hb = require("handlebars"); +const fs = require("fs"); + +const app = express(); + +const data = {}; + +function init() { + hb.registerHelper("catFile", function catFile(filePath) { + return fs.readFileSync(filePath); // SINK (reads file) + }); + hb.registerHelper("prependToLines", function prependToLines(prefix, filePath) { + return fs + .readFileSync(filePath) + .split("\n") + .map((line) => prefix + line) + .join("\n"); + }); + data.compiledFileAccess = hb.compile("contents of file {{path}} are: {{catFile path}}") + data.compiledBenign = hb.compile("hello, {{name}}"); + data.compiledUnknown = hb.compile(fs.readFileSync("greeting.template")); + data.compiledMixed = hb.compile("helpers may have several args, like here: {{prependToLines prefix path}}"); +} + +init(); + +app.get('/some/path1', function (req, res) { + res.send(data.compiledFileAccess({ path: req.params.path })); // NOT ALLOWED (template uses vulnerable catFile) +}); + +app.get('/some/path2', function (req, res) { + res.send(data.compiledBenign({ name: req.params.name })); // ALLOWED (this template does not use catFile) +}); + +app.get('/some/path3', function (req, res) { + res.send(data.compiledUnknown({ name: req.params.name })); // ALLOWED (could be using a vulnerable helper, but we'll assume it's ok) +}); + +app.get('/some/path4', function (req, res) { + res.send(data.compiledMixed({ + prefix: ">>> ", + path: req.params.path // NOT ALLOWED (template uses vulnerable helper) + })); +}); + +app.get('/some/path5', function (req, res) { + res.send(data.compiledMixed({ + prefix: req.params.prefix, // ALLOWED (this parameter is safe) + path: "data/path-5.txt" + })); +}); diff --git a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected index 098160b9d4d..dbf8ba4cbc2 100644 --- a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected +++ b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected @@ -136,6 +136,10 @@ nodes | clipboard.ts:33:19:33:68 | e.origi ... /html') | | clipboard.ts:33:19:33:68 | e.origi ... /html') | | clipboard.ts:33:19:33:68 | e.origi ... /html') | +| custom-element.js:5:26:5:36 | window.name | +| custom-element.js:5:26:5:36 | window.name | +| custom-element.js:5:26:5:36 | window.name | +| custom-element.js:5:26:5:36 | window.name | | d3.js:4:12:4:22 | window.name | | d3.js:4:12:4:22 | window.name | | d3.js:4:12:4:22 | window.name | @@ -1130,6 +1134,7 @@ edges | clipboard.ts:24:23:24:58 | e.clipb ... /html') | clipboard.ts:24:23:24:58 | e.clipb ... /html') | | clipboard.ts:29:19:29:54 | e.clipb ... /html') | clipboard.ts:29:19:29:54 | e.clipb ... /html') | | clipboard.ts:33:19:33:68 | e.origi ... /html') | clipboard.ts:33:19:33:68 | e.origi ... /html') | +| custom-element.js:5:26:5:36 | window.name | custom-element.js:5:26:5:36 | window.name | | d3.js:4:12:4:22 | window.name | d3.js:11:15:11:24 | getTaint() | | d3.js:4:12:4:22 | window.name | d3.js:11:15:11:24 | getTaint() | | d3.js:4:12:4:22 | window.name | d3.js:11:15:11:24 | getTaint() | @@ -2062,6 +2067,7 @@ edges | clipboard.ts:24:23:24:58 | e.clipb ... /html') | clipboard.ts:24:23:24:58 | e.clipb ... /html') | clipboard.ts:24:23:24:58 | e.clipb ... /html') | Cross-site scripting vulnerability due to $@. | clipboard.ts:24:23:24:58 | e.clipb ... /html') | user-provided value | | clipboard.ts:29:19:29:54 | e.clipb ... /html') | clipboard.ts:29:19:29:54 | e.clipb ... /html') | clipboard.ts:29:19:29:54 | e.clipb ... /html') | Cross-site scripting vulnerability due to $@. | clipboard.ts:29:19:29:54 | e.clipb ... /html') | user-provided value | | clipboard.ts:33:19:33:68 | e.origi ... /html') | clipboard.ts:33:19:33:68 | e.origi ... /html') | clipboard.ts:33:19:33:68 | e.origi ... /html') | Cross-site scripting vulnerability due to $@. | clipboard.ts:33:19:33:68 | e.origi ... /html') | user-provided value | +| custom-element.js:5:26:5:36 | window.name | custom-element.js:5:26:5:36 | window.name | custom-element.js:5:26:5:36 | window.name | Cross-site scripting vulnerability due to $@. | custom-element.js:5:26:5:36 | window.name | user-provided value | | d3.js:11:15:11:24 | getTaint() | d3.js:4:12:4:22 | window.name | d3.js:11:15:11:24 | getTaint() | Cross-site scripting vulnerability due to $@. | d3.js:4:12:4:22 | window.name | user-provided value | | d3.js:12:20:12:29 | getTaint() | d3.js:4:12:4:22 | window.name | d3.js:12:20:12:29 | getTaint() | Cross-site scripting vulnerability due to $@. | d3.js:4:12:4:22 | window.name | user-provided value | | d3.js:14:20:14:29 | getTaint() | d3.js:4:12:4:22 | window.name | d3.js:14:20:14:29 | getTaint() | Cross-site scripting vulnerability due to $@. | d3.js:4:12:4:22 | window.name | user-provided value | diff --git a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected index 63367061c84..3c0700c9fce 100644 --- a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected +++ b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected @@ -136,6 +136,10 @@ nodes | clipboard.ts:33:19:33:68 | e.origi ... /html') | | clipboard.ts:33:19:33:68 | e.origi ... /html') | | clipboard.ts:33:19:33:68 | e.origi ... /html') | +| custom-element.js:5:26:5:36 | window.name | +| custom-element.js:5:26:5:36 | window.name | +| custom-element.js:5:26:5:36 | window.name | +| custom-element.js:5:26:5:36 | window.name | | d3.js:4:12:4:22 | window.name | | d3.js:4:12:4:22 | window.name | | d3.js:4:12:4:22 | window.name | @@ -1180,6 +1184,7 @@ edges | clipboard.ts:24:23:24:58 | e.clipb ... /html') | clipboard.ts:24:23:24:58 | e.clipb ... /html') | | clipboard.ts:29:19:29:54 | e.clipb ... /html') | clipboard.ts:29:19:29:54 | e.clipb ... /html') | | clipboard.ts:33:19:33:68 | e.origi ... /html') | clipboard.ts:33:19:33:68 | e.origi ... /html') | +| custom-element.js:5:26:5:36 | window.name | custom-element.js:5:26:5:36 | window.name | | d3.js:4:12:4:22 | window.name | d3.js:11:15:11:24 | getTaint() | | d3.js:4:12:4:22 | window.name | d3.js:11:15:11:24 | getTaint() | | d3.js:4:12:4:22 | window.name | d3.js:11:15:11:24 | getTaint() | diff --git a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/custom-element.js b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/custom-element.js new file mode 100644 index 00000000000..9177f08bdc5 --- /dev/null +++ b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/custom-element.js @@ -0,0 +1,7 @@ +import * as dummy from 'dummy'; + +class CustomElm extends HTMLElement { + test() { + this.innerHTML = window.name; // NOT OK + } +} diff --git a/javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/XssThroughDom.expected b/javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/XssThroughDom.expected index 459fee89ddc..104a3055e40 100644 --- a/javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/XssThroughDom.expected +++ b/javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/XssThroughDom.expected @@ -129,6 +129,16 @@ nodes | xss-through-dom.js:115:16:115:18 | src | | xss-through-dom.js:117:26:117:28 | src | | xss-through-dom.js:117:26:117:28 | src | +| xss-through-dom.js:120:23:120:37 | ev.target.files | +| xss-through-dom.js:120:23:120:37 | ev.target.files | +| xss-through-dom.js:120:23:120:40 | ev.target.files[0] | +| xss-through-dom.js:120:23:120:45 | ev.targ ... 0].name | +| xss-through-dom.js:120:23:120:45 | ev.targ ... 0].name | +| xss-through-dom.js:122:33:122:71 | URL.cre ... les[0]) | +| xss-through-dom.js:122:33:122:71 | URL.cre ... les[0]) | +| xss-through-dom.js:122:53:122:67 | ev.target.files | +| xss-through-dom.js:122:53:122:67 | ev.target.files | +| xss-through-dom.js:122:53:122:70 | ev.target.files[0] | edges | forms.js:8:23:8:28 | values | forms.js:9:31:9:36 | values | | forms.js:8:23:8:28 | values | forms.js:9:31:9:36 | values | @@ -207,6 +217,14 @@ edges | xss-through-dom.js:114:11:114:52 | src | xss-through-dom.js:117:26:117:28 | src | | xss-through-dom.js:114:17:114:52 | documen ... k").src | xss-through-dom.js:114:11:114:52 | src | | xss-through-dom.js:114:17:114:52 | documen ... k").src | xss-through-dom.js:114:11:114:52 | src | +| xss-through-dom.js:120:23:120:37 | ev.target.files | xss-through-dom.js:120:23:120:40 | ev.target.files[0] | +| xss-through-dom.js:120:23:120:37 | ev.target.files | xss-through-dom.js:120:23:120:40 | ev.target.files[0] | +| xss-through-dom.js:120:23:120:40 | ev.target.files[0] | xss-through-dom.js:120:23:120:45 | ev.targ ... 0].name | +| xss-through-dom.js:120:23:120:40 | ev.target.files[0] | xss-through-dom.js:120:23:120:45 | ev.targ ... 0].name | +| xss-through-dom.js:122:53:122:67 | ev.target.files | xss-through-dom.js:122:53:122:70 | ev.target.files[0] | +| xss-through-dom.js:122:53:122:67 | ev.target.files | xss-through-dom.js:122:53:122:70 | ev.target.files[0] | +| xss-through-dom.js:122:53:122:70 | ev.target.files[0] | xss-through-dom.js:122:33:122:71 | URL.cre ... les[0]) | +| xss-through-dom.js:122:53:122:70 | ev.target.files[0] | xss-through-dom.js:122:33:122:71 | URL.cre ... les[0]) | #select | forms.js:9:31:9:40 | values.foo | forms.js:8:23:8:28 | values | forms.js:9:31:9:40 | values.foo | $@ is reinterpreted as HTML without escaping meta-characters. | forms.js:8:23:8:28 | values | DOM text | | forms.js:12:31:12:40 | values.bar | forms.js:11:24:11:29 | values | forms.js:12:31:12:40 | values.bar | $@ is reinterpreted as HTML without escaping meta-characters. | forms.js:11:24:11:29 | values | DOM text | @@ -242,3 +260,5 @@ edges | xss-through-dom.js:96:17:96:47 | $("#foo ... ].value | xss-through-dom.js:96:17:96:47 | $("#foo ... ].value | xss-through-dom.js:96:17:96:47 | $("#foo ... ].value | $@ is reinterpreted as HTML without escaping meta-characters. | xss-through-dom.js:96:17:96:47 | $("#foo ... ].value | DOM text | | xss-through-dom.js:109:31:109:70 | "" | xss-through-dom.js:109:45:109:55 | this.el.src | xss-through-dom.js:109:31:109:70 | "" | $@ is reinterpreted as HTML without escaping meta-characters. | xss-through-dom.js:109:45:109:55 | this.el.src | DOM text | | xss-through-dom.js:115:16:115:18 | src | xss-through-dom.js:114:17:114:52 | documen ... k").src | xss-through-dom.js:115:16:115:18 | src | $@ is reinterpreted as HTML without escaping meta-characters. | xss-through-dom.js:114:17:114:52 | documen ... k").src | DOM text | +| xss-through-dom.js:120:23:120:45 | ev.targ ... 0].name | xss-through-dom.js:120:23:120:37 | ev.target.files | xss-through-dom.js:120:23:120:45 | ev.targ ... 0].name | $@ is reinterpreted as HTML without escaping meta-characters. | xss-through-dom.js:120:23:120:37 | ev.target.files | DOM text | +| xss-through-dom.js:122:33:122:71 | URL.cre ... les[0]) | xss-through-dom.js:122:53:122:67 | ev.target.files | xss-through-dom.js:122:33:122:71 | URL.cre ... les[0]) | $@ is reinterpreted as HTML without escaping meta-characters. | xss-through-dom.js:122:53:122:67 | ev.target.files | DOM text | diff --git a/javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/xss-through-dom.js b/javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/xss-through-dom.js index aa897140d31..6fcf9e2a13f 100644 --- a/javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/xss-through-dom.js +++ b/javascript/ql/test/query-tests/Security/CWE-079/XssThroughDom/xss-through-dom.js @@ -115,4 +115,10 @@ class Sub extends Super { $("#id").html(src); // NOT OK. $("#id").attr("src", src); // OK + + $("input.foo")[0].onchange = function (ev) { + $("#id").html(ev.target.files[0].name); // NOT OK. + + $("img#id").attr("src", URL.createObjectURL(ev.target.files[0])); // NOT OK + } })(); diff --git a/javascript/ql/test/query-tests/Security/CWE-312/BuildArtifactLeak.expected b/javascript/ql/test/query-tests/Security/CWE-312/BuildArtifactLeak.expected index e7ec59dfbe4..0a78ec598dd 100644 --- a/javascript/ql/test/query-tests/Security/CWE-312/BuildArtifactLeak.expected +++ b/javascript/ql/test/query-tests/Security/CWE-312/BuildArtifactLeak.expected @@ -37,12 +37,14 @@ edges | build-leaks.js:15:24:15:34 | process.env | build-leaks.js:14:18:14:20 | env | | build-leaks.js:15:24:15:34 | process.env | build-leaks.js:14:18:14:20 | env | | build-leaks.js:16:20:16:22 | env | build-leaks.js:13:17:19:10 | Object. ... }) | +| build-leaks.js:16:20:16:22 | env | build-leaks.js:14:18:14:20 | env | | build-leaks.js:21:11:26:5 | stringifed | build-leaks.js:30:22:30:31 | stringifed | | build-leaks.js:21:24:26:5 | {\\n ... )\\n } | build-leaks.js:21:11:26:5 | stringifed | | build-leaks.js:22:24:25:14 | Object. ... }, {}) | build-leaks.js:21:24:26:5 | {\\n ... )\\n } | | build-leaks.js:22:49:22:51 | env | build-leaks.js:24:20:24:22 | env | | build-leaks.js:23:39:23:41 | raw | build-leaks.js:22:49:22:51 | env | | build-leaks.js:24:20:24:22 | env | build-leaks.js:22:24:25:14 | Object. ... }, {}) | +| build-leaks.js:24:20:24:22 | env | build-leaks.js:22:49:22:51 | env | | build-leaks.js:30:22:30:31 | stringifed | build-leaks.js:34:26:34:57 | getEnv( ... ngified | | build-leaks.js:30:22:30:31 | stringifed | build-leaks.js:34:26:34:57 | getEnv( ... ngified | | build-leaks.js:40:9:40:60 | pw | build-leaks.js:41:82:41:83 | pw | diff --git a/misc/bazel/BUILD.bazel b/misc/bazel/BUILD.bazel new file mode 100644 index 00000000000..e69de29bb2d diff --git a/misc/bazel/workspace.bzl b/misc/bazel/workspace.bzl new file mode 100644 index 00000000000..680938638c9 --- /dev/null +++ b/misc/bazel/workspace.bzl @@ -0,0 +1,47 @@ +load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") +load("@bazel_tools//tools/build_defs/repo:utils.bzl", "maybe") + +_swift_prebuilt_version = "swift-5.6-RELEASE.42271.54" +_swift_sha_map = { + "linux": "92b26fbbc45f812b0581385cc81470ab636fed9cff460052aa2173de765ddef4", + "macos-x86_64": "b24f609c7868c1709e1e552e3b394664014e6a7f1e097522db80deb359bbcd2f", +} + +_swift_arch_map = { + "linux": "linux", + "macos-x86_64": "darwin_x86_64", +} + +def codeql_workspace(repository_name = "codeql"): + for repo_arch, arch in _swift_arch_map.items(): + sha256 = _swift_sha_map[repo_arch] + + http_archive( + name = "swift_prebuilt_%s" % arch, + url = "https://github.com/dsp-testing/codeql-swift-artifacts/releases/download/%s/swift-prebuilt-%s.zip" % ( + _swift_prebuilt_version, + repo_arch, + ), + build_file = "@%s//swift/extractor:BUILD.swift-prebuilt.bazel" % repository_name, + sha256 = sha256, + ) + + maybe( + repo_rule = http_archive, + name = "rules_pkg", + sha256 = "62eeb544ff1ef41d786e329e1536c1d541bb9bcad27ae984d57f18f314018e66", + urls = [ + "https://mirror.bazel.build/github.com/bazelbuild/rules_pkg/releases/download/0.6.0/rules_pkg-0.6.0.tar.gz", + "https://github.com/bazelbuild/rules_pkg/releases/download/0.6.0/rules_pkg-0.6.0.tar.gz", + ], + ) + + maybe( + repo_rule = http_archive, + name = "platforms", + sha256 = "460caee0fa583b908c622913334ec3c1b842572b9c23cf0d3da0c2543a1a157d", + urls = [ + "https://mirror.bazel.build/github.com/bazelbuild/platforms/releases/download/0.0.3/platforms-0.0.3.tar.gz", + "https://github.com/bazelbuild/platforms/releases/download/0.0.3/platforms-0.0.3.tar.gz", + ], + ) diff --git a/misc/bazel/workspace_deps.bzl b/misc/bazel/workspace_deps.bzl new file mode 100644 index 00000000000..1c891d6eb8a --- /dev/null +++ b/misc/bazel/workspace_deps.bzl @@ -0,0 +1,4 @@ +load("@rules_pkg//:deps.bzl", "rules_pkg_dependencies") + +def codeql_workspace_deps(): + rules_pkg_dependencies() diff --git a/misc/suite-helpers/qlpack.yml b/misc/suite-helpers/qlpack.yml index 468a5e31722..eaa19fadb7c 100644 --- a/misc/suite-helpers/qlpack.yml +++ b/misc/suite-helpers/qlpack.yml @@ -1,3 +1,3 @@ name: codeql/suite-helpers -version: 0.0.3 +version: 0.1.0 groups: shared diff --git a/python/ql/lib/CHANGELOG.md b/python/ql/lib/CHANGELOG.md index a27de64e175..7ddd49392f4 100644 --- a/python/ql/lib/CHANGELOG.md +++ b/python/ql/lib/CHANGELOG.md @@ -1,3 +1,26 @@ +## 0.0.13 + +## 0.0.12 + +### Breaking Changes + +* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. + +### Deprecated APIs + +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. +* Some modules that started with a lowercase letter have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### New Features + +* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. + +### Minor Analysis Improvements + +* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. + ## 0.0.11 ### Minor Analysis Improvements diff --git a/python/ql/lib/change-notes/2022-02-07-deleted-deprecations.md b/python/ql/lib/change-notes/2022-02-07-deleted-deprecations.md deleted file mode 100644 index e8da1e8e158..00000000000 --- a/python/ql/lib/change-notes/2022-02-07-deleted-deprecations.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. \ No newline at end of file diff --git a/python/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md b/python/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md deleted file mode 100644 index a79f286aacd..00000000000 --- a/python/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: deprecated ---- -* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. - The old name still exists as a deprecated alias. \ No newline at end of file diff --git a/python/ql/lib/change-notes/2022-02-07-deprecated-modules.md b/python/ql/lib/change-notes/2022-02-07-deprecated-modules.md deleted file mode 100644 index 561f68a150c..00000000000 --- a/python/ql/lib/change-notes/2022-02-07-deprecated-modules.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: deprecated ---- -* Some modules that started with a lowercase letter have been renamed to follow our style-guide. - The old name still exists as a deprecated alias. \ No newline at end of file diff --git a/python/ql/lib/change-notes/2022-03-14-flow-state-barriers.md b/python/ql/lib/change-notes/2022-03-14-flow-state-barriers.md deleted file mode 100644 index af6247a66fa..00000000000 --- a/python/ql/lib/change-notes/2022-03-14-flow-state-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. diff --git a/python/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md b/python/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md deleted file mode 100644 index 3481d507db3..00000000000 --- a/python/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: breaking ---- -* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. diff --git a/python/ql/lib/change-notes/released/0.0.12.md b/python/ql/lib/change-notes/released/0.0.12.md new file mode 100644 index 00000000000..da94470d88d --- /dev/null +++ b/python/ql/lib/change-notes/released/0.0.12.md @@ -0,0 +1,20 @@ +## 0.0.12 + +### Breaking Changes + +* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. + +### Deprecated APIs + +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. +* Some modules that started with a lowercase letter have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### New Features + +* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. + +### Minor Analysis Improvements + +* All deprecated predicates/classes/modules that have been deprecated for over a year have been deleted. diff --git a/python/ql/lib/change-notes/released/0.0.13.md b/python/ql/lib/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..30ff8ab8dd0 --- /dev/null +++ b/python/ql/lib/change-notes/released/0.0.13.md @@ -0,0 +1 @@ +## 0.0.13 diff --git a/python/ql/lib/codeql-pack.release.yml b/python/ql/lib/codeql-pack.release.yml index e679dc42092..044e54e4f7e 100644 --- a/python/ql/lib/codeql-pack.release.yml +++ b/python/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.11 +lastReleaseVersion: 0.0.13 diff --git a/python/ql/lib/qlpack.yml b/python/ql/lib/qlpack.yml index bb519f0f44b..2efe939afa3 100644 --- a/python/ql/lib/qlpack.yml +++ b/python/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-all -version: 0.0.12-dev +version: 0.1.0-dev groups: python dbscheme: semmlecode.python.dbscheme extractor: python diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatchPointsTo.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatchPointsTo.qll new file mode 100644 index 00000000000..6564d4dc62e --- /dev/null +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowDispatchPointsTo.qll @@ -0,0 +1,558 @@ +/** + * INTERNAL: Do not use. + * + * Points-to based call-graph. + */ + +private import python +private import DataFlowPublic +private import semmle.python.SpecialMethods + +/** A parameter position represented by an integer. */ +class ParameterPosition extends int { + ParameterPosition() { exists(any(DataFlowCallable c).getParameter(this)) } +} + +/** An argument position represented by an integer. */ +class ArgumentPosition extends int { + ArgumentPosition() { exists(any(DataFlowCall c).getArg(this)) } +} + +/** Holds if arguments at position `apos` match parameters at position `ppos`. */ +pragma[inline] +predicate parameterMatch(ParameterPosition ppos, ArgumentPosition apos) { ppos = apos } + +/** + * Computes routing of arguments to parameters + * + * When a call contains more positional arguments than there are positional parameters, + * the extra positional arguments are passed as a tuple to a starred parameter. This is + * achieved by synthesizing a node `TPosOverflowNode(call, callable)` + * that represents the tuple of extra positional arguments. There is a store step from each + * extra positional argument to this node. + * + * CURRENTLY NOT SUPPORTED: + * When a call contains an iterable unpacking argument, such as `func(*args)`, it is expanded into positional arguments. + * + * CURRENTLY NOT SUPPORTED: + * If a call contains an iterable unpacking argument, such as `func(*args)`, and the callee contains a starred argument, any extra + * positional arguments are passed to the starred argument. + * + * When a call contains keyword arguments that do not correspond to keyword parameters, these + * extra keyword arguments are passed as a dictionary to a doubly starred parameter. This is + * achieved by synthesizing a node `TKwOverflowNode(call, callable)` + * that represents the dictionary of extra keyword arguments. There is a store step from each + * extra keyword argument to this node. + * + * When a call contains a dictionary unpacking argument, such as `func(**kwargs)`, with entries corresponding to a keyword parameter, + * the value at such a key is unpacked and passed to the parameter. This is achieved + * by synthesizing an argument node `TKwUnpacked(call, callable, name)` representing the unpacked + * value. This node is used as the argument passed to the matching keyword parameter. There is a read + * step from the dictionary argument to the synthesized argument node. + * + * When a call contains a dictionary unpacking argument, such as `func(**kwargs)`, and the callee contains a doubly starred parameter, + * entries which are not unpacked are passed to the doubly starred parameter. This is achieved by + * adding a dataflow step from the dictionary argument to `TKwOverflowNode(call, callable)` and a + * step to clear content of that node at any unpacked keys. + * + * ## Examples: + * Assume that we have the callable + * ```python + * def f(x, y, *t, **d): + * pass + * ``` + * Then the call + * ```python + * f(0, 1, 2, a=3) + * ``` + * will be modeled as + * ```python + * f(0, 1, [*t], [**d]) + * ``` + * where `[` and `]` denotes synthesized nodes, so `[*t]` is the synthesized tuple argument + * `TPosOverflowNode` and `[**d]` is the synthesized dictionary argument `TKwOverflowNode`. + * There will be a store step from `2` to `[*t]` at pos `0` and one from `3` to `[**d]` at key + * `a`. + * + * For the call + * ```python + * f(0, **{"y": 1, "a": 3}) + * ``` + * no tuple argument is synthesized. It is modeled as + * ```python + * f(0, [y=1], [**d]) + * ``` + * where `[y=1]` is the synthesized unpacked argument `TKwUnpacked` (with `name` = `y`). There is + * a read step from `**{"y": 1, "a": 3}` to `[y=1]` at key `y` to get the value passed to the parameter + * `y`. There is a dataflow step from `**{"y": 1, "a": 3}` to `[**d]` to transfer the content and + * a clearing of content at key `y` for node `[**d]`, since that value has been unpacked. + */ +module ArgumentPassing { + /** + * Holds if `call` represents a `DataFlowCall` to a `DataFlowCallable` represented by `callable`. + * + * It _may not_ be the case that `call = callable.getACall()`, i.e. if `call` represents a `ClassCall`. + * + * Used to limit the size of predicates. + */ + predicate connects(CallNode call, CallableValue callable) { + exists(DataFlowCall c | + call = c.getNode() and + callable = c.getCallable().getCallableValue() + ) + } + + /** + * Gets the `n`th parameter of `callable`. + * If the callable has a starred parameter, say `*tuple`, that is matched with `n=-1`. + * If the callable has a doubly starred parameter, say `**dict`, that is matched with `n=-2`. + * Note that, unlike other languages, we do _not_ use -1 for the position of `self` in Python, + * as it is an explicit parameter at position 0. + */ + NameNode getParameter(CallableValue callable, int n) { + // positional parameter + result = callable.getParameter(n) + or + // starred parameter, `*tuple` + exists(Function f | + f = callable.getScope() and + n = -1 and + result = f.getVararg().getAFlowNode() + ) + or + // doubly starred parameter, `**dict` + exists(Function f | + f = callable.getScope() and + n = -2 and + result = f.getKwarg().getAFlowNode() + ) + } + + /** + * A type representing a mapping from argument indices to parameter indices. + * We currently use two mappings: NoShift, the identity, used for ordinary + * function calls, and ShiftOneUp which is used for calls where an extra argument + * is inserted. These include method calls, constructor calls and class calls. + * In these calls, the argument at index `n` is mapped to the parameter at position `n+1`. + */ + newtype TArgParamMapping = + TNoShift() or + TShiftOneUp() + + /** A mapping used for parameter passing. */ + abstract class ArgParamMapping extends TArgParamMapping { + /** Gets the index of the parameter that corresponds to the argument at index `argN`. */ + bindingset[argN] + abstract int getParamN(int argN); + + /** Gets a textual representation of this element. */ + abstract string toString(); + } + + /** A mapping that passes argument `n` to parameter `n`. */ + class NoShift extends ArgParamMapping, TNoShift { + NoShift() { this = TNoShift() } + + override string toString() { result = "NoShift [n -> n]" } + + bindingset[argN] + override int getParamN(int argN) { result = argN } + } + + /** A mapping that passes argument `n` to parameter `n+1`. */ + class ShiftOneUp extends ArgParamMapping, TShiftOneUp { + ShiftOneUp() { this = TShiftOneUp() } + + override string toString() { result = "ShiftOneUp [n -> n+1]" } + + bindingset[argN] + override int getParamN(int argN) { result = argN + 1 } + } + + /** + * Gets the node representing the argument to `call` that is passed to the parameter at + * (zero-based) index `paramN` in `callable`. If this is a positional argument, it must appear + * at an index, `argN`, in `call` wich satisfies `paramN = mapping.getParamN(argN)`. + * + * `mapping` will be the identity for function calls, but not for method- or constructor calls, + * where the first parameter is `self` and the first positional argument is passed to the second positional parameter. + * Similarly for classmethod calls, where the first parameter is `cls`. + * + * NOT SUPPORTED: Keyword-only parameters. + */ + Node getArg(CallNode call, ArgParamMapping mapping, CallableValue callable, int paramN) { + connects(call, callable) and + ( + // positional argument + exists(int argN | + paramN = mapping.getParamN(argN) and + result = TCfgNode(call.getArg(argN)) + ) + or + // keyword argument + // TODO: Since `getArgName` have no results for keyword-only parameters, + // these are currently not supported. + exists(Function f, string argName | + f = callable.getScope() and + f.getArgName(paramN) = argName and + result = TCfgNode(call.getArgByName(unbind_string(argName))) + ) + or + // a synthezised argument passed to the starred parameter (at position -1) + callable.getScope().hasVarArg() and + paramN = -1 and + result = TPosOverflowNode(call, callable) + or + // a synthezised argument passed to the doubly starred parameter (at position -2) + callable.getScope().hasKwArg() and + paramN = -2 and + result = TKwOverflowNode(call, callable) + or + // argument unpacked from dict + exists(string name | + call_unpacks(call, mapping, callable, name, paramN) and + result = TKwUnpackedNode(call, callable, name) + ) + ) + } + + /** Currently required in `getArg` in order to prevent a bad join. */ + bindingset[result, s] + private string unbind_string(string s) { result <= s and s <= result } + + /** Gets the control flow node that is passed as the `n`th overflow positional argument. */ + ControlFlowNode getPositionalOverflowArg(CallNode call, CallableValue callable, int n) { + connects(call, callable) and + exists(Function f, int posCount, int argNr | + f = callable.getScope() and + f.hasVarArg() and + posCount = f.getPositionalParameterCount() and + result = call.getArg(argNr) and + argNr >= posCount and + argNr = posCount + n + ) + } + + /** Gets the control flow node that is passed as the overflow keyword argument with key `key`. */ + ControlFlowNode getKeywordOverflowArg(CallNode call, CallableValue callable, string key) { + connects(call, callable) and + exists(Function f | + f = callable.getScope() and + f.hasKwArg() and + not exists(f.getArgByName(key)) and + result = call.getArgByName(key) + ) + } + + /** + * Holds if `call` unpacks a dictionary argument in order to pass it via `name`. + * It will then be passed to the parameter of `callable` at index `paramN`. + */ + predicate call_unpacks( + CallNode call, ArgParamMapping mapping, CallableValue callable, string name, int paramN + ) { + connects(call, callable) and + exists(Function f | + f = callable.getScope() and + not exists(int argN | paramN = mapping.getParamN(argN) | exists(call.getArg(argN))) and // no positional argument available + name = f.getArgName(paramN) and + // not exists(call.getArgByName(name)) and // only matches keyword arguments not preceded by ** + // TODO: make the below logic respect control flow splitting (by not going to the AST). + not call.getNode().getANamedArg().(Keyword).getArg() = name and // no keyword argument available + paramN >= 0 and + paramN < f.getPositionalParameterCount() + f.getKeywordOnlyParameterCount() and + exists(call.getNode().getKwargs()) // dict argument available + ) + } +} + +import ArgumentPassing + +/** + * IPA type for DataFlowCallable. + * + * A callable is either a function value, a class value, or a module (for enclosing `ModuleVariableNode`s). + * A module has no calls. + */ +newtype TDataFlowCallable = + TCallableValue(CallableValue callable) { + callable instanceof FunctionValue and + not callable.(FunctionValue).isLambda() + or + callable instanceof ClassValue + } or + TLambda(Function lambda) { lambda.isLambda() } or + TModule(Module m) + +/** A callable. */ +abstract class DataFlowCallable extends TDataFlowCallable { + /** Gets a textual representation of this element. */ + abstract string toString(); + + /** Gets a call to this callable. */ + abstract CallNode getACall(); + + /** Gets the scope of this callable */ + abstract Scope getScope(); + + /** Gets the specified parameter of this callable */ + abstract NameNode getParameter(int n); + + /** Gets the name of this callable. */ + abstract string getName(); + + /** Gets a callable value for this callable, if one exists. */ + abstract CallableValue getCallableValue(); +} + +/** A class representing a callable value. */ +class DataFlowCallableValue extends DataFlowCallable, TCallableValue { + CallableValue callable; + + DataFlowCallableValue() { this = TCallableValue(callable) } + + override string toString() { result = callable.toString() } + + override CallNode getACall() { result = callable.getACall() } + + override Scope getScope() { result = callable.getScope() } + + override NameNode getParameter(int n) { result = getParameter(callable, n) } + + override string getName() { result = callable.getName() } + + override CallableValue getCallableValue() { result = callable } +} + +/** A class representing a callable lambda. */ +class DataFlowLambda extends DataFlowCallable, TLambda { + Function lambda; + + DataFlowLambda() { this = TLambda(lambda) } + + override string toString() { result = lambda.toString() } + + override CallNode getACall() { result = this.getCallableValue().getACall() } + + override Scope getScope() { result = lambda.getEvaluatingScope() } + + override NameNode getParameter(int n) { result = getParameter(this.getCallableValue(), n) } + + override string getName() { result = "Lambda callable" } + + override FunctionValue getCallableValue() { + result.getOrigin().getNode() = lambda.getDefinition() + } +} + +/** A class representing the scope in which a `ModuleVariableNode` appears. */ +class DataFlowModuleScope extends DataFlowCallable, TModule { + Module mod; + + DataFlowModuleScope() { this = TModule(mod) } + + override string toString() { result = mod.toString() } + + override CallNode getACall() { none() } + + override Scope getScope() { result = mod } + + override NameNode getParameter(int n) { none() } + + override string getName() { result = mod.getName() } + + override CallableValue getCallableValue() { none() } +} + +/** + * IPA type for DataFlowCall. + * + * Calls corresponding to `CallNode`s are either to callable values or to classes. + * The latter is directed to the callable corresponding to the `__init__` method of the class. + * + * An `__init__` method can also be called directly, so that the callable can be targeted by + * different types of calls. In that case, the parameter mappings will be different, + * as the class call will synthesize an argument node to be mapped to the `self` parameter. + * + * A call corresponding to a special method call is handled by the corresponding `SpecialMethodCallNode`. + * + * TODO: Add `TClassMethodCall` mapping `cls` appropriately. + */ +newtype TDataFlowCall = + TFunctionCall(CallNode call) { call = any(FunctionValue f).getAFunctionCall() } or + /** Bound methods need to make room for the explicit self parameter */ + TMethodCall(CallNode call) { call = any(FunctionValue f).getAMethodCall() } or + TClassCall(CallNode call) { call = any(ClassValue c | not c.isAbsent()).getACall() } or + TSpecialCall(SpecialMethodCallNode special) + +/** A call. */ +abstract class DataFlowCall extends TDataFlowCall { + /** Gets a textual representation of this element. */ + abstract string toString(); + + /** Get the callable to which this call goes. */ + abstract DataFlowCallable getCallable(); + + /** + * Gets the argument to this call that will be sent + * to the `n`th parameter of the callable. + */ + abstract Node getArg(int n); + + /** Get the control flow node representing this call. */ + abstract ControlFlowNode getNode(); + + /** Gets the enclosing callable of this call. */ + abstract DataFlowCallable getEnclosingCallable(); + + /** Gets the location of this dataflow call. */ + Location getLocation() { result = this.getNode().getLocation() } +} + +/** + * A call to a function/lambda. + * This excludes calls to bound methods, classes, and special methods. + * Bound method calls and class calls insert an argument for the explicit + * `self` parameter, and special method calls have special argument passing. + */ +class FunctionCall extends DataFlowCall, TFunctionCall { + CallNode call; + DataFlowCallable callable; + + FunctionCall() { + this = TFunctionCall(call) and + call = callable.getACall() + } + + override string toString() { result = call.toString() } + + override Node getArg(int n) { result = getArg(call, TNoShift(), callable.getCallableValue(), n) } + + override ControlFlowNode getNode() { result = call } + + override DataFlowCallable getCallable() { result = callable } + + override DataFlowCallable getEnclosingCallable() { result.getScope() = call.getNode().getScope() } +} + +/** + * Represents a call to a bound method call. + * The node representing the instance is inserted as argument to the `self` parameter. + */ +class MethodCall extends DataFlowCall, TMethodCall { + CallNode call; + FunctionValue bm; + + MethodCall() { + this = TMethodCall(call) and + call = bm.getACall() + } + + private CallableValue getCallableValue() { result = bm } + + override string toString() { result = call.toString() } + + override Node getArg(int n) { + n > 0 and result = getArg(call, TShiftOneUp(), this.getCallableValue(), n) + or + n = 0 and result = TCfgNode(call.getFunction().(AttrNode).getObject()) + } + + override ControlFlowNode getNode() { result = call } + + override DataFlowCallable getCallable() { result = TCallableValue(this.getCallableValue()) } + + override DataFlowCallable getEnclosingCallable() { result.getScope() = call.getScope() } +} + +/** + * Represents a call to a class. + * The pre-update node for the call is inserted as argument to the `self` parameter. + * That makes the call node be the post-update node holding the value of the object + * after the constructor has run. + */ +class ClassCall extends DataFlowCall, TClassCall { + CallNode call; + ClassValue c; + + ClassCall() { + this = TClassCall(call) and + call = c.getACall() + } + + private CallableValue getCallableValue() { c.getScope().getInitMethod() = result.getScope() } + + override string toString() { result = call.toString() } + + override Node getArg(int n) { + n > 0 and result = getArg(call, TShiftOneUp(), this.getCallableValue(), n) + or + n = 0 and result = TSyntheticPreUpdateNode(TCfgNode(call)) + } + + override ControlFlowNode getNode() { result = call } + + override DataFlowCallable getCallable() { result = TCallableValue(this.getCallableValue()) } + + override DataFlowCallable getEnclosingCallable() { result.getScope() = call.getScope() } +} + +/** A call to a special method. */ +class SpecialCall extends DataFlowCall, TSpecialCall { + SpecialMethodCallNode special; + + SpecialCall() { this = TSpecialCall(special) } + + override string toString() { result = special.toString() } + + override Node getArg(int n) { result = TCfgNode(special.(SpecialMethod::Potential).getArg(n)) } + + override ControlFlowNode getNode() { result = special } + + override DataFlowCallable getCallable() { + result = TCallableValue(special.getResolvedSpecialMethod()) + } + + override DataFlowCallable getEnclosingCallable() { + result.getScope() = special.getNode().getScope() + } +} + +/** Gets a viable run-time target for the call `call`. */ +DataFlowCallable viableCallable(DataFlowCall call) { result = call.getCallable() } + +private newtype TReturnKind = TNormalReturnKind() + +/** + * A return kind. A return kind describes how a value can be returned + * from a callable. For Python, this is simply a method return. + */ +class ReturnKind extends TReturnKind { + /** Gets a textual representation of this element. */ + string toString() { result = "return" } +} + +/** A data flow node that represents a value returned by a callable. */ +class ReturnNode extends CfgNode { + Return ret; + + // See `TaintTrackingImplementation::returnFlowStep` + ReturnNode() { node = ret.getValue().getAFlowNode() } + + /** Gets the kind of this return node. */ + ReturnKind getKind() { any() } +} + +/** A data flow node that represents the output of a call. */ +class OutNode extends CfgNode { + OutNode() { node instanceof CallNode } +} + +/** + * Gets a node that can read the value returned from `call` with return kind + * `kind`. + */ +OutNode getAnOutNode(DataFlowCall call, ReturnKind kind) { + call.getNode() = result.getNode() and + kind = TNormalReturnKind() +} diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll index 9800e02ccf1..bb98acf0494 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll index 9800e02ccf1..bb98acf0494 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl2.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll index 9800e02ccf1..bb98acf0494 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl3.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll index 9800e02ccf1..bb98acf0494 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowImpl4.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll index e7dc3a9e481..da0c6ef171b 100644 --- a/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll +++ b/python/ql/lib/semmle/python/dataflow/new/internal/DataFlowPrivate.qll @@ -1,6 +1,5 @@ private import python private import DataFlowPublic -import semmle.python.SpecialMethods private import semmle.python.essa.SsaCompute private import semmle.python.dataflow.new.internal.ImportStar // Since we allow extra data-flow steps from modeled frameworks, we import these @@ -12,24 +11,15 @@ private import semmle.python.dataflow.new.internal.ImportStar // // This matches behavior in C#. private import semmle.python.Frameworks +// part of the implementation for this module has been spread over multiple files to +// make it more digestible. +import MatchUnpacking +import IterableUnpacking +import DataFlowDispatchPointsTo /** Gets the callable in which this node occurs. */ DataFlowCallable nodeGetEnclosingCallable(Node n) { result = n.getEnclosingCallable() } -/** A parameter position represented by an integer. */ -class ParameterPosition extends int { - ParameterPosition() { exists(any(DataFlowCallable c).getParameter(this)) } -} - -/** An argument position represented by an integer. */ -class ArgumentPosition extends int { - ArgumentPosition() { exists(any(DataFlowCall c).getArg(this)) } -} - -/** Holds if arguments at position `apos` match parameters at position `ppos`. */ -pragma[inline] -predicate parameterMatch(ParameterPosition ppos, ArgumentPosition apos) { ppos = apos } - /** Holds if `p` is a `ParameterNode` of `c` with position `pos`. */ predicate isParameterNode(ParameterNode p, DataFlowCallable c, ParameterPosition pos) { p.isParameterOf(c, pos) @@ -361,546 +351,6 @@ private Node update(Node node) { result.(PostUpdateNode).getPreUpdateNode() = node } -// TODO: Make modules for these headings -//-------- -// Global flow -//-------- -// -/** - * Computes routing of arguments to parameters - * - * When a call contains more positional arguments than there are positional parameters, - * the extra positional arguments are passed as a tuple to a starred parameter. This is - * achieved by synthesizing a node `TPosOverflowNode(call, callable)` - * that represents the tuple of extra positional arguments. There is a store step from each - * extra positional argument to this node. - * - * CURRENTLY NOT SUPPORTED: - * When a call contains an iterable unpacking argument, such as `func(*args)`, it is expanded into positional arguments. - * - * CURRENTLY NOT SUPPORTED: - * If a call contains an iterable unpacking argument, such as `func(*args)`, and the callee contains a starred argument, any extra - * positional arguments are passed to the starred argument. - * - * When a call contains keyword arguments that do not correspond to keyword parameters, these - * extra keyword arguments are passed as a dictionary to a doubly starred parameter. This is - * achieved by synthesizing a node `TKwOverflowNode(call, callable)` - * that represents the dictionary of extra keyword arguments. There is a store step from each - * extra keyword argument to this node. - * - * When a call contains a dictionary unpacking argument, such as `func(**kwargs)`, with entries corresponding to a keyword parameter, - * the value at such a key is unpacked and passed to the parameter. This is achieved - * by synthesizing an argument node `TKwUnpacked(call, callable, name)` representing the unpacked - * value. This node is used as the argument passed to the matching keyword parameter. There is a read - * step from the dictionary argument to the synthesized argument node. - * - * When a call contains a dictionary unpacking argument, such as `func(**kwargs)`, and the callee contains a doubly starred parameter, - * entries which are not unpacked are passed to the doubly starred parameter. This is achieved by - * adding a dataflow step from the dictionary argument to `TKwOverflowNode(call, callable)` and a - * step to clear content of that node at any unpacked keys. - * - * ## Examples: - * Assume that we have the callable - * ```python - * def f(x, y, *t, **d): - * pass - * ``` - * Then the call - * ```python - * f(0, 1, 2, a=3) - * ``` - * will be modeled as - * ```python - * f(0, 1, [*t], [**d]) - * ``` - * where `[` and `]` denotes synthesized nodes, so `[*t]` is the synthesized tuple argument - * `TPosOverflowNode` and `[**d]` is the synthesized dictionary argument `TKwOverflowNode`. - * There will be a store step from `2` to `[*t]` at pos `0` and one from `3` to `[**d]` at key - * `a`. - * - * For the call - * ```python - * f(0, **{"y": 1, "a": 3}) - * ``` - * no tuple argument is synthesized. It is modeled as - * ```python - * f(0, [y=1], [**d]) - * ``` - * where `[y=1]` is the synthesized unpacked argument `TKwUnpacked` (with `name` = `y`). There is - * a read step from `**{"y": 1, "a": 3}` to `[y=1]` at key `y` to get the value passed to the parameter - * `y`. There is a dataflow step from `**{"y": 1, "a": 3}` to `[**d]` to transfer the content and - * a clearing of content at key `y` for node `[**d]`, since that value has been unpacked. - */ -module ArgumentPassing { - /** - * Holds if `call` represents a `DataFlowCall` to a `DataFlowCallable` represented by `callable`. - * - * It _may not_ be the case that `call = callable.getACall()`, i.e. if `call` represents a `ClassCall`. - * - * Used to limit the size of predicates. - */ - predicate connects(CallNode call, CallableValue callable) { - exists(DataFlowCall c | - call = c.getNode() and - callable = c.getCallable().getCallableValue() - ) - } - - /** - * Gets the `n`th parameter of `callable`. - * If the callable has a starred parameter, say `*tuple`, that is matched with `n=-1`. - * If the callable has a doubly starred parameter, say `**dict`, that is matched with `n=-2`. - * Note that, unlike other languages, we do _not_ use -1 for the position of `self` in Python, - * as it is an explicit parameter at position 0. - */ - NameNode getParameter(CallableValue callable, int n) { - // positional parameter - result = callable.getParameter(n) - or - // starred parameter, `*tuple` - exists(Function f | - f = callable.getScope() and - n = -1 and - result = f.getVararg().getAFlowNode() - ) - or - // doubly starred parameter, `**dict` - exists(Function f | - f = callable.getScope() and - n = -2 and - result = f.getKwarg().getAFlowNode() - ) - } - - /** - * A type representing a mapping from argument indices to parameter indices. - * We currently use two mappings: NoShift, the identity, used for ordinary - * function calls, and ShiftOneUp which is used for calls where an extra argument - * is inserted. These include method calls, constructor calls and class calls. - * In these calls, the argument at index `n` is mapped to the parameter at position `n+1`. - */ - newtype TArgParamMapping = - TNoShift() or - TShiftOneUp() - - /** A mapping used for parameter passing. */ - abstract class ArgParamMapping extends TArgParamMapping { - /** Gets the index of the parameter that corresponds to the argument at index `argN`. */ - bindingset[argN] - abstract int getParamN(int argN); - - /** Gets a textual representation of this element. */ - abstract string toString(); - } - - /** A mapping that passes argument `n` to parameter `n`. */ - class NoShift extends ArgParamMapping, TNoShift { - NoShift() { this = TNoShift() } - - override string toString() { result = "NoShift [n -> n]" } - - bindingset[argN] - override int getParamN(int argN) { result = argN } - } - - /** A mapping that passes argument `n` to parameter `n+1`. */ - class ShiftOneUp extends ArgParamMapping, TShiftOneUp { - ShiftOneUp() { this = TShiftOneUp() } - - override string toString() { result = "ShiftOneUp [n -> n+1]" } - - bindingset[argN] - override int getParamN(int argN) { result = argN + 1 } - } - - /** - * Gets the node representing the argument to `call` that is passed to the parameter at - * (zero-based) index `paramN` in `callable`. If this is a positional argument, it must appear - * at an index, `argN`, in `call` wich satisfies `paramN = mapping.getParamN(argN)`. - * - * `mapping` will be the identity for function calls, but not for method- or constructor calls, - * where the first parameter is `self` and the first positional argument is passed to the second positional parameter. - * Similarly for classmethod calls, where the first parameter is `cls`. - * - * NOT SUPPORTED: Keyword-only parameters. - */ - Node getArg(CallNode call, ArgParamMapping mapping, CallableValue callable, int paramN) { - connects(call, callable) and - ( - // positional argument - exists(int argN | - paramN = mapping.getParamN(argN) and - result = TCfgNode(call.getArg(argN)) - ) - or - // keyword argument - // TODO: Since `getArgName` have no results for keyword-only parameters, - // these are currently not supported. - exists(Function f, string argName | - f = callable.getScope() and - f.getArgName(paramN) = argName and - result = TCfgNode(call.getArgByName(unbind_string(argName))) - ) - or - // a synthezised argument passed to the starred parameter (at position -1) - callable.getScope().hasVarArg() and - paramN = -1 and - result = TPosOverflowNode(call, callable) - or - // a synthezised argument passed to the doubly starred parameter (at position -2) - callable.getScope().hasKwArg() and - paramN = -2 and - result = TKwOverflowNode(call, callable) - or - // argument unpacked from dict - exists(string name | - call_unpacks(call, mapping, callable, name, paramN) and - result = TKwUnpackedNode(call, callable, name) - ) - ) - } - - /** Currently required in `getArg` in order to prevent a bad join. */ - bindingset[result, s] - private string unbind_string(string s) { result <= s and s <= result } - - /** Gets the control flow node that is passed as the `n`th overflow positional argument. */ - ControlFlowNode getPositionalOverflowArg(CallNode call, CallableValue callable, int n) { - connects(call, callable) and - exists(Function f, int posCount, int argNr | - f = callable.getScope() and - f.hasVarArg() and - posCount = f.getPositionalParameterCount() and - result = call.getArg(argNr) and - argNr >= posCount and - argNr = posCount + n - ) - } - - /** Gets the control flow node that is passed as the overflow keyword argument with key `key`. */ - ControlFlowNode getKeywordOverflowArg(CallNode call, CallableValue callable, string key) { - connects(call, callable) and - exists(Function f | - f = callable.getScope() and - f.hasKwArg() and - not exists(f.getArgByName(key)) and - result = call.getArgByName(key) - ) - } - - /** - * Holds if `call` unpacks a dictionary argument in order to pass it via `name`. - * It will then be passed to the parameter of `callable` at index `paramN`. - */ - predicate call_unpacks( - CallNode call, ArgParamMapping mapping, CallableValue callable, string name, int paramN - ) { - connects(call, callable) and - exists(Function f | - f = callable.getScope() and - not exists(int argN | paramN = mapping.getParamN(argN) | exists(call.getArg(argN))) and // no positional argument available - name = f.getArgName(paramN) and - // not exists(call.getArgByName(name)) and // only matches keyword arguments not preceded by ** - // TODO: make the below logic respect control flow splitting (by not going to the AST). - not call.getNode().getANamedArg().(Keyword).getArg() = name and // no keyword argument available - paramN >= 0 and - paramN < f.getPositionalParameterCount() + f.getKeywordOnlyParameterCount() and - exists(call.getNode().getKwargs()) // dict argument available - ) - } -} - -import ArgumentPassing - -/** - * IPA type for DataFlowCallable. - * - * A callable is either a function value, a class value, or a module (for enclosing `ModuleVariableNode`s). - * A module has no calls. - */ -newtype TDataFlowCallable = - TCallableValue(CallableValue callable) { - callable instanceof FunctionValue and - not callable.(FunctionValue).isLambda() - or - callable instanceof ClassValue - } or - TLambda(Function lambda) { lambda.isLambda() } or - TModule(Module m) - -/** A callable. */ -abstract class DataFlowCallable extends TDataFlowCallable { - /** Gets a textual representation of this element. */ - abstract string toString(); - - /** Gets a call to this callable. */ - abstract CallNode getACall(); - - /** Gets the scope of this callable */ - abstract Scope getScope(); - - /** Gets the specified parameter of this callable */ - abstract NameNode getParameter(int n); - - /** Gets the name of this callable. */ - abstract string getName(); - - /** Gets a callable value for this callable, if one exists. */ - abstract CallableValue getCallableValue(); -} - -/** A class representing a callable value. */ -class DataFlowCallableValue extends DataFlowCallable, TCallableValue { - CallableValue callable; - - DataFlowCallableValue() { this = TCallableValue(callable) } - - override string toString() { result = callable.toString() } - - override CallNode getACall() { result = callable.getACall() } - - override Scope getScope() { result = callable.getScope() } - - override NameNode getParameter(int n) { result = getParameter(callable, n) } - - override string getName() { result = callable.getName() } - - override CallableValue getCallableValue() { result = callable } -} - -/** A class representing a callable lambda. */ -class DataFlowLambda extends DataFlowCallable, TLambda { - Function lambda; - - DataFlowLambda() { this = TLambda(lambda) } - - override string toString() { result = lambda.toString() } - - override CallNode getACall() { result = this.getCallableValue().getACall() } - - override Scope getScope() { result = lambda.getEvaluatingScope() } - - override NameNode getParameter(int n) { result = getParameter(this.getCallableValue(), n) } - - override string getName() { result = "Lambda callable" } - - override FunctionValue getCallableValue() { - result.getOrigin().getNode() = lambda.getDefinition() - } -} - -/** A class representing the scope in which a `ModuleVariableNode` appears. */ -class DataFlowModuleScope extends DataFlowCallable, TModule { - Module mod; - - DataFlowModuleScope() { this = TModule(mod) } - - override string toString() { result = mod.toString() } - - override CallNode getACall() { none() } - - override Scope getScope() { result = mod } - - override NameNode getParameter(int n) { none() } - - override string getName() { result = mod.getName() } - - override CallableValue getCallableValue() { none() } -} - -/** - * IPA type for DataFlowCall. - * - * Calls corresponding to `CallNode`s are either to callable values or to classes. - * The latter is directed to the callable corresponding to the `__init__` method of the class. - * - * An `__init__` method can also be called directly, so that the callable can be targeted by - * different types of calls. In that case, the parameter mappings will be different, - * as the class call will synthesize an argument node to be mapped to the `self` parameter. - * - * A call corresponding to a special method call is handled by the corresponding `SpecialMethodCallNode`. - * - * TODO: Add `TClassMethodCall` mapping `cls` appropriately. - */ -newtype TDataFlowCall = - TFunctionCall(CallNode call) { call = any(FunctionValue f).getAFunctionCall() } or - /** Bound methods need to make room for the explicit self parameter */ - TMethodCall(CallNode call) { call = any(FunctionValue f).getAMethodCall() } or - TClassCall(CallNode call) { call = any(ClassValue c | not c.isAbsent()).getACall() } or - TSpecialCall(SpecialMethodCallNode special) - -/** A call. */ -abstract class DataFlowCall extends TDataFlowCall { - /** Gets a textual representation of this element. */ - abstract string toString(); - - /** Get the callable to which this call goes. */ - abstract DataFlowCallable getCallable(); - - /** - * Gets the argument to this call that will be sent - * to the `n`th parameter of the callable. - */ - abstract Node getArg(int n); - - /** Get the control flow node representing this call. */ - abstract ControlFlowNode getNode(); - - /** Gets the enclosing callable of this call. */ - abstract DataFlowCallable getEnclosingCallable(); - - /** Gets the location of this dataflow call. */ - Location getLocation() { result = this.getNode().getLocation() } -} - -/** - * A call to a function/lambda. - * This excludes calls to bound methods, classes, and special methods. - * Bound method calls and class calls insert an argument for the explicit - * `self` parameter, and special method calls have special argument passing. - */ -class FunctionCall extends DataFlowCall, TFunctionCall { - CallNode call; - DataFlowCallable callable; - - FunctionCall() { - this = TFunctionCall(call) and - call = callable.getACall() - } - - override string toString() { result = call.toString() } - - override Node getArg(int n) { result = getArg(call, TNoShift(), callable.getCallableValue(), n) } - - override ControlFlowNode getNode() { result = call } - - override DataFlowCallable getCallable() { result = callable } - - override DataFlowCallable getEnclosingCallable() { result.getScope() = call.getNode().getScope() } -} - -/** - * Represents a call to a bound method call. - * The node representing the instance is inserted as argument to the `self` parameter. - */ -class MethodCall extends DataFlowCall, TMethodCall { - CallNode call; - FunctionValue bm; - - MethodCall() { - this = TMethodCall(call) and - call = bm.getACall() - } - - private CallableValue getCallableValue() { result = bm } - - override string toString() { result = call.toString() } - - override Node getArg(int n) { - n > 0 and result = getArg(call, TShiftOneUp(), this.getCallableValue(), n) - or - n = 0 and result = TCfgNode(call.getFunction().(AttrNode).getObject()) - } - - override ControlFlowNode getNode() { result = call } - - override DataFlowCallable getCallable() { result = TCallableValue(this.getCallableValue()) } - - override DataFlowCallable getEnclosingCallable() { result.getScope() = call.getScope() } -} - -/** - * Represents a call to a class. - * The pre-update node for the call is inserted as argument to the `self` parameter. - * That makes the call node be the post-update node holding the value of the object - * after the constructor has run. - */ -class ClassCall extends DataFlowCall, TClassCall { - CallNode call; - ClassValue c; - - ClassCall() { - this = TClassCall(call) and - call = c.getACall() - } - - private CallableValue getCallableValue() { c.getScope().getInitMethod() = result.getScope() } - - override string toString() { result = call.toString() } - - override Node getArg(int n) { - n > 0 and result = getArg(call, TShiftOneUp(), this.getCallableValue(), n) - or - n = 0 and result = TSyntheticPreUpdateNode(TCfgNode(call)) - } - - override ControlFlowNode getNode() { result = call } - - override DataFlowCallable getCallable() { result = TCallableValue(this.getCallableValue()) } - - override DataFlowCallable getEnclosingCallable() { result.getScope() = call.getScope() } -} - -/** A call to a special method. */ -class SpecialCall extends DataFlowCall, TSpecialCall { - SpecialMethodCallNode special; - - SpecialCall() { this = TSpecialCall(special) } - - override string toString() { result = special.toString() } - - override Node getArg(int n) { result = TCfgNode(special.(SpecialMethod::Potential).getArg(n)) } - - override ControlFlowNode getNode() { result = special } - - override DataFlowCallable getCallable() { - result = TCallableValue(special.getResolvedSpecialMethod()) - } - - override DataFlowCallable getEnclosingCallable() { - result.getScope() = special.getNode().getScope() - } -} - -/** Gets a viable run-time target for the call `call`. */ -DataFlowCallable viableCallable(DataFlowCall call) { result = call.getCallable() } - -private newtype TReturnKind = TNormalReturnKind() - -/** - * A return kind. A return kind describes how a value can be returned - * from a callable. For Python, this is simply a method return. - */ -class ReturnKind extends TReturnKind { - /** Gets a textual representation of this element. */ - string toString() { result = "return" } -} - -/** A data flow node that represents a value returned by a callable. */ -class ReturnNode extends CfgNode { - Return ret; - - // See `TaintTrackingImplementation::returnFlowStep` - ReturnNode() { node = ret.getValue().getAFlowNode() } - - /** Gets the kind of this return node. */ - ReturnKind getKind() { any() } -} - -/** A data flow node that represents the output of a call. */ -class OutNode extends CfgNode { - OutNode() { node instanceof CallNode } -} - -/** - * Gets a node that can read the value returned from `call` with return kind - * `kind`. - */ -OutNode getAnOutNode(DataFlowCall call, ReturnKind kind) { - call.getNode() = result.getNode() and - kind = TNormalReturnKind() -} - //-------- // Type pruning //-------- @@ -1262,717 +712,6 @@ predicate subscriptReadStep(CfgNode nodeFrom, Content c, CfgNode nodeTo) { ) } -/** - * The unpacking assignment takes the general form - * ```python - * sequence = iterable - * ``` - * where `sequence` is either a tuple or a list and it can contain wildcards. - * The iterable can be any iterable, which means that (CodeQL modeling of) content - * will need to change type if it should be transferred from the LHS to the RHS. - * - * Note that (CodeQL modeling of) content does not have to change type on data-flow - * paths _inside_ the LHS, as the different allowed syntaxes here are merely a convenience. - * Consequently, we model all LHS sequences as tuples, which have the more precise content - * model, making flow to the elements more precise. If an element is a starred variable, - * we will have to mutate the content type to be list content. - * - * We may for instance have - * ```python - * (a, b) = ["a", SOURCE] # RHS has content `ListElementContent` - * ``` - * Due to the abstraction for list content, we do not know whether `SOURCE` - * ends up in `a` or in `b`, so we want to overapproximate and see it in both. - * - * Using wildcards we may have - * ```python - * (a, *b) = ("a", "b", SOURCE) # RHS has content `TupleElementContent(2)` - * ``` - * Since the starred variables are always assigned (Python-)type list, `*b` will be - * `["b", SOURCE]`, and we will again overapproximate and assign it - * content corresponding to anything found in the RHS. - * - * For a precise transfer - * ```python - * (a, b) = ("a", SOURCE) # RHS has content `TupleElementContent(1)` - * ``` - * we wish to keep the precision, so only `b` receives the tuple content at index 1. - * - * Finally, `sequence` is actually a pattern and can have a more complicated structure, - * such as - * ```python - * (a, [b, *c]) = ("a", ["b", SOURCE]) # RHS has content `TupleElementContent(1); ListElementContent` - * ``` - * where `a` should not receive content, but `b` and `c` should. `c` will be `[SOURCE]` so - * should have the content transferred, while `b` should read it. - * - * To transfer content from RHS to the elements of the LHS in the expression `sequence = iterable`, - * we use two synthetic nodes: - * - * - `TIterableSequence(sequence)` which captures the content-modeling the entire `sequence` will have - * (essentially just a copy of the content-modeling the RHS has) - * - * - `TIterableElement(sequence)` which captures the content-modeling that will be assigned to an element. - * Note that an empty access path means that the value we are tracking flows directly to the element. - * - * - * The `TIterableSequence(sequence)` is at this point superflous but becomes useful when handling recursive - * structures in the LHS, where `sequence` is some internal sequence node. We can have a uniform treatment - * by always having these two synthetic nodes. So we transfer to (or, in the recursive case, read into) - * `TIterableSequence(sequence)`, from which we take a read step to `TIterableElement(sequence)` and then a - * store step to `sequence`. - * - * This allows the unknown content from the RHS to be read into `TIterableElement(sequence)` and tuple content - * to then be stored into `sequence`. If the content is already tuple content, this inderection creates crosstalk - * between indices. Therefore, tuple content is never read into `TIterableElement(sequence)`; it is instead - * transferred directly from `TIterableSequence(sequence)` to `sequence` via a flow step. Such a flow step will - * also transfer other content, but only tuple content is further read from `sequence` into its elements. - * - * The strategy is then via several read-, store-, and flow steps: - * 1. a) [Flow] Content is transferred from `iterable` to `TIterableSequence(sequence)` via a - * flow step. From here, everything happens on the LHS. - * - * b) [Read] If the unpacking happens inside a for as in - * ```python - * for sequence in iterable - * ``` - * then content is read from `iterable` to `TIterableSequence(sequence)`. - * - * 2. [Flow] Content is transferred from `TIterableSequence(sequence)` to `sequence` via a - * flow step. (Here only tuple content is relevant.) - * - * 3. [Read] Content is read from `TIterableSequence(sequence)` into `TIterableElement(sequence)`. - * As `sequence` is modeled as a tuple, we will not read tuple content as that would allow - * crosstalk. - * - * 4. [Store] Content is stored from `TIterableElement(sequence)` to `sequence`. - * Content type is `TupleElementContent` with indices taken from the syntax. - * For instance, if `sequence` is `(a, *b, c)`, content is written to index 0, 1, and 2. - * This is adequate as the route through `TIterableElement(sequence)` does not transfer precise content. - * - * 5. [Read] Content is read from `sequence` to its elements. - * a) If the element is a plain variable, the target is the corresponding essa node. - * - * b) If the element is itself a sequence, with control-flow node `seq`, the target is `TIterableSequence(seq)`. - * - * c) If the element is a starred variable, with control-flow node `v`, the target is `TIterableElement(v)`. - * - * 6. [Store] Content is stored from `TIterableElement(v)` to the essa variable for `v`, with - * content type `ListElementContent`. - * - * 7. [Flow, Read, Store] Steps 2 through 7 are repeated for all recursive elements which are sequences. - * - * - * We illustrate the above steps on the assignment - * - * ```python - * (a, b) = ["a", SOURCE] - * ``` - * - * Looking at the content propagation to `a`: - * `["a", SOURCE]`: [ListElementContent] - * - * --Step 1a--> - * - * `TIterableSequence((a, b))`: [ListElementContent] - * - * --Step 3--> - * - * `TIterableElement((a, b))`: [] - * - * --Step 4--> - * - * `(a, b)`: [TupleElementContent(0)] - * - * --Step 5a--> - * - * `a`: [] - * - * Meaning there is data-flow from the RHS to `a` (an over approximation). The same logic would be applied to show there is data-flow to `b`. Note that _Step 3_ and _Step 4_ would not have been needed if the RHS had been a tuple (since that would have been able to use _Step 2_ instead). - * - * Another, more complicated example: - * ```python - * (a, [b, *c]) = ["a", [SOURCE]] - * ``` - * where the path to `c` is - * - * `["a", [SOURCE]]`: [ListElementContent; ListElementContent] - * - * --Step 1a--> - * - * `TIterableSequence((a, [b, *c]))`: [ListElementContent; ListElementContent] - * - * --Step 3--> - * - * `TIterableElement((a, [b, *c]))`: [ListElementContent] - * - * --Step 4--> - * - * `(a, [b, *c])`: [TupleElementContent(1); ListElementContent] - * - * --Step 5b--> - * - * `TIterableSequence([b, *c])`: [ListElementContent] - * - * --Step 3--> - * - * `TIterableElement([b, *c])`: [] - * - * --Step 4--> - * - * `[b, *c]`: [TupleElementContent(1)] - * - * --Step 5c--> - * - * `TIterableElement(c)`: [] - * - * --Step 6--> - * - * `c`: [ListElementContent] - */ -module IterableUnpacking { - /** - * The target of a `for`, e.g. `x` in `for x in list` or in `[42 for x in list]`. - * This class also records the source, which in both above cases is `list`. - * This class abstracts away the differing representations of comprehensions and - * for statements. - */ - class ForTarget extends ControlFlowNode { - Expr source; - - ForTarget() { - exists(For for | - source = for.getIter() and - this.getNode() = for.getTarget() and - not for = any(Comp comp).getNthInnerLoop(0) - ) - or - exists(Comp comp | - source = comp.getIterable() and - this.getNode() = comp.getNthInnerLoop(0).getTarget() - ) - } - - Expr getSource() { result = source } - } - - /** The LHS of an assignment, it also records the assigned value. */ - class AssignmentTarget extends ControlFlowNode { - Expr value; - - AssignmentTarget() { - exists(Assign assign | this.getNode() = assign.getATarget() | value = assign.getValue()) - } - - Expr getValue() { result = value } - } - - /** A direct (or top-level) target of an unpacking assignment. */ - class UnpackingAssignmentDirectTarget extends ControlFlowNode { - Expr value; - - UnpackingAssignmentDirectTarget() { - this instanceof SequenceNode and - ( - value = this.(AssignmentTarget).getValue() - or - value = this.(ForTarget).getSource() - ) - } - - Expr getValue() { result = value } - } - - /** A (possibly recursive) target of an unpacking assignment. */ - class UnpackingAssignmentTarget extends ControlFlowNode { - UnpackingAssignmentTarget() { - this instanceof UnpackingAssignmentDirectTarget - or - this = any(UnpackingAssignmentSequenceTarget parent).getAnElement() - } - } - - /** A (possibly recursive) target of an unpacking assignment which is also a sequence. */ - class UnpackingAssignmentSequenceTarget extends UnpackingAssignmentTarget instanceof SequenceNode { - ControlFlowNode getElement(int i) { result = super.getElement(i) } - - ControlFlowNode getAnElement() { result = this.getElement(_) } - } - - /** - * Step 1a - * Data flows from `iterable` to `TIterableSequence(sequence)` - */ - predicate iterableUnpackingAssignmentFlowStep(Node nodeFrom, Node nodeTo) { - exists(AssignmentTarget target | - nodeFrom.asExpr() = target.getValue() and - nodeTo = TIterableSequenceNode(target) - ) - } - - /** - * Step 1b - * Data is read from `iterable` to `TIterableSequence(sequence)` - */ - predicate iterableUnpackingForReadStep(CfgNode nodeFrom, Content c, Node nodeTo) { - exists(ForTarget target | - nodeFrom.asExpr() = target.getSource() and - target instanceof SequenceNode and - nodeTo = TIterableSequenceNode(target) - ) and - ( - c instanceof ListElementContent - or - c instanceof SetElementContent - ) - } - - /** - * Step 2 - * Data flows from `TIterableSequence(sequence)` to `sequence` - */ - predicate iterableUnpackingTupleFlowStep(Node nodeFrom, Node nodeTo) { - exists(UnpackingAssignmentSequenceTarget target | - nodeFrom = TIterableSequenceNode(target) and - nodeTo.asCfgNode() = target - ) - } - - /** - * Step 3 - * Data flows from `TIterableSequence(sequence)` into `TIterableElement(sequence)`. - * As `sequence` is modeled as a tuple, we will not read tuple content as that would allow - * crosstalk. - */ - predicate iterableUnpackingConvertingReadStep(Node nodeFrom, Content c, Node nodeTo) { - exists(UnpackingAssignmentSequenceTarget target | - nodeFrom = TIterableSequenceNode(target) and - nodeTo = TIterableElementNode(target) and - ( - c instanceof ListElementContent - or - c instanceof SetElementContent - // TODO: dict content in iterable unpacking not handled - ) - ) - } - - /** - * Step 4 - * Data flows from `TIterableElement(sequence)` to `sequence`. - * Content type is `TupleElementContent` with indices taken from the syntax. - * For instance, if `sequence` is `(a, *b, c)`, content is written to index 0, 1, and 2. - */ - predicate iterableUnpackingConvertingStoreStep(Node nodeFrom, Content c, Node nodeTo) { - exists(UnpackingAssignmentSequenceTarget target | - nodeFrom = TIterableElementNode(target) and - nodeTo.asCfgNode() = target and - exists(int index | exists(target.getElement(index)) | - c.(TupleElementContent).getIndex() = index - ) - ) - } - - /** - * Step 5 - * For a sequence node inside an iterable unpacking, data flows from the sequence to its elements. There are - * three cases for what `toNode` should be: - * a) If the element is a plain variable, `toNode` is the corresponding essa node. - * - * b) If the element is itself a sequence, with control-flow node `seq`, `toNode` is `TIterableSequence(seq)`. - * - * c) If the element is a starred variable, with control-flow node `v`, `toNode` is `TIterableElement(v)`. - */ - predicate iterableUnpackingElementReadStep(Node nodeFrom, Content c, Node nodeTo) { - exists( - UnpackingAssignmentSequenceTarget target, int index, ControlFlowNode element, int starIndex - | - target.getElement(starIndex) instanceof StarredNode - or - not exists(target.getAnElement().(StarredNode)) and - starIndex = -1 - | - nodeFrom.asCfgNode() = target and - element = target.getElement(index) and - ( - if starIndex = -1 or index < starIndex - then c.(TupleElementContent).getIndex() = index - else - // This could get big if big tuples exist - if index = starIndex - then c.(TupleElementContent).getIndex() >= index - else c.(TupleElementContent).getIndex() >= index - 1 - ) and - ( - if element instanceof SequenceNode - then - // Step 5b - nodeTo = TIterableSequenceNode(element) - else - if element instanceof StarredNode - then - // Step 5c - nodeTo = TIterableElementNode(element) - else - // Step 5a - nodeTo.asVar().getDefinition().(MultiAssignmentDefinition).getDefiningNode() = element - ) - ) - } - - /** - * Step 6 - * Data flows from `TIterableElement(v)` to the essa variable for `v`, with - * content type `ListElementContent`. - */ - predicate iterableUnpackingStarredElementStoreStep(Node nodeFrom, Content c, Node nodeTo) { - exists(ControlFlowNode starred | starred.getNode() instanceof Starred | - nodeFrom = TIterableElementNode(starred) and - nodeTo.asVar().getDefinition().(MultiAssignmentDefinition).getDefiningNode() = starred and - c instanceof ListElementContent - ) - } - - /** All read steps associated with unpacking assignment. */ - predicate iterableUnpackingReadStep(Node nodeFrom, Content c, Node nodeTo) { - iterableUnpackingForReadStep(nodeFrom, c, nodeTo) - or - iterableUnpackingElementReadStep(nodeFrom, c, nodeTo) - or - iterableUnpackingConvertingReadStep(nodeFrom, c, nodeTo) - } - - /** All store steps associated with unpacking assignment. */ - predicate iterableUnpackingStoreStep(Node nodeFrom, Content c, Node nodeTo) { - iterableUnpackingStarredElementStoreStep(nodeFrom, c, nodeTo) - or - iterableUnpackingConvertingStoreStep(nodeFrom, c, nodeTo) - } - - /** All flow steps associated with unpacking assignment. */ - predicate iterableUnpackingFlowStep(Node nodeFrom, Node nodeTo) { - iterableUnpackingAssignmentFlowStep(nodeFrom, nodeTo) - or - iterableUnpackingTupleFlowStep(nodeFrom, nodeTo) - } -} - -import IterableUnpacking - -/** - * There are a number of patterns available for the match statement. - * Each one transfers data and content differently to its parts. - * - * Furthermore, given a successful match, we can infer some data about - * the subject. Consider the example: - * ```python - * match choice: - * case 'Y': - * ...body - * ``` - * Inside `body`, we know that `choice` has the value `'Y'`. - * - * A similar thing happens with the "as pattern". Consider the example: - * ```python - * match choice: - * case ('y'|'Y') as c: - * ...body - * ``` - * By the binding rules, there is data flow from `choice` to `c`. But we - * can infer the value of `c` to be either `'y'` or `'Y'` if the match succeeds. - * - * We will treat such inferences separately as guards. First we will model the data flow - * stemming from the bindings and the matching of shape. Below, 'subject' is not necessarily the - * top-level subject of the match, but rather the part recursively matched by the current pattern. - * For instance, in the example: - * ```python - * match command: - * case ('quit' as c) | ('go', ('up'|'down') as c): - * ...body - * ``` - * `command` is the subject of first the as-pattern, while the second component of `command` - * is the subject of the second as-pattern. As such, 'subject' refers to the pattern under evaluation. - * - * - as pattern: subject flows to alias as well as to the interior pattern - * - or pattern: subject flows to each alternative - * - literal pattern: flow from the literal to the pattern, to add information - * - capture pattern: subject flows to the variable - * - wildcard pattern: no flow - * - value pattern: flow from the value to the pattern, to add information - * - sequence pattern: each element reads from subject at the associated index - * - star pattern: subject flows to the variable, possibly via a conversion - * - mapping pattern: each value reads from subject at the associated key - * - double star pattern: subject flows to the variable, possibly via a conversion - * - key-value pattern: the value reads from the subject at the key (see mapping pattern) - * - class pattern: all keywords read the appropriate attribute from the subject - * - keyword pattern: the appropriate attribute is read from the subject (see class pattern) - * - * Inside the class pattern, we also find positional arguments. They are converted to - * keyword arguments using the `__match_args__` attribute on the class. We do not - * currently model this. - */ -module MatchUnpacking { - /** - * Holds when there is flow from the subject `nodeFrom` to the (top-level) pattern `nodeTo` of a `match` statement. - * - * The subject of a match flows to each top-level pattern - * (a pattern directly under a `case` statement). - * - * We could consider a model closer to use-use-flow, where the subject - * only flows to the first top-level pattern and from there to the - * following ones. - */ - predicate matchSubjectFlowStep(Node nodeFrom, Node nodeTo) { - exists(MatchStmt match, Expr subject, Pattern target | - subject = match.getSubject() and - target = match.getCase(_).(Case).getPattern() - | - nodeFrom.asExpr() = subject and - nodeTo.asCfgNode().getNode() = target - ) - } - - /** - * as pattern: subject flows to alias as well as to the interior pattern - * syntax (toplevel): `case pattern as alias:` - */ - predicate matchAsFlowStep(Node nodeFrom, Node nodeTo) { - exists(MatchAsPattern subject, Name alias | alias = subject.getAlias() | - // We make the subject flow to the interior pattern via the alias. - // That way, information can propagate from the interior pattern to the alias. - // - // the subject flows to the interior pattern - nodeFrom.asCfgNode().getNode() = subject and - nodeTo.asCfgNode().getNode() = subject.getPattern() - or - // the interior pattern flows to the alias - nodeFrom.asCfgNode().getNode() = subject.getPattern() and - nodeTo.asVar().getDefinition().(PatternAliasDefinition).getDefiningNode().getNode() = alias - ) - } - - /** - * or pattern: subject flows to each alternative - * syntax (toplevel): `case alt1 | alt2:` - */ - predicate matchOrFlowStep(Node nodeFrom, Node nodeTo) { - exists(MatchOrPattern subject, Pattern pattern | pattern = subject.getAPattern() | - nodeFrom.asCfgNode().getNode() = subject and - nodeTo.asCfgNode().getNode() = pattern - ) - } - - /** - * literal pattern: flow from the literal to the pattern, to add information - * syntax (toplevel): `case literal:` - */ - predicate matchLiteralFlowStep(Node nodeFrom, Node nodeTo) { - exists(MatchLiteralPattern pattern, Expr literal | literal = pattern.getLiteral() | - nodeFrom.asExpr() = literal and - nodeTo.asCfgNode().getNode() = pattern - ) - } - - /** - * capture pattern: subject flows to the variable - * syntax (toplevel): `case var:` - */ - predicate matchCaptureFlowStep(Node nodeFrom, Node nodeTo) { - exists(MatchCapturePattern capture, Name var | capture.getVariable() = var | - nodeFrom.asCfgNode().getNode() = capture and - nodeTo.asVar().getDefinition().(PatternCaptureDefinition).getDefiningNode().getNode() = var - ) - } - - /** - * value pattern: flow from the value to the pattern, to add information - * syntax (toplevel): `case Dotted.value:` - */ - predicate matchValueFlowStep(Node nodeFrom, Node nodeTo) { - exists(MatchValuePattern pattern, Expr value | value = pattern.getValue() | - nodeFrom.asExpr() = value and - nodeTo.asCfgNode().getNode() = pattern - ) - } - - /** - * sequence pattern: each element reads from subject at the associated index - * syntax (toplevel): `case [a, b]:` - */ - predicate matchSequenceReadStep(Node nodeFrom, Content c, Node nodeTo) { - exists(MatchSequencePattern subject, int index, Pattern element | - element = subject.getPattern(index) - | - nodeFrom.asCfgNode().getNode() = subject and - nodeTo.asCfgNode().getNode() = element and - ( - // tuple content - c.(TupleElementContent).getIndex() = index - or - // list content - c instanceof ListElementContent - // set content is excluded from sequence patterns, - // see https://www.python.org/dev/peps/pep-0635/#sequence-patterns - ) - ) - } - - /** - * star pattern: subject flows to the variable, possibly via a conversion - * syntax (toplevel): `case *var:` - * - * We decompose this flow into a read step and a store step. The read step - * reads both tuple and list content, the store step only stores list content. - * This way, we convert all content to list content. - * - * This is the read step. - */ - predicate matchStarReadStep(Node nodeFrom, Content c, Node nodeTo) { - exists(MatchSequencePattern subject, int index, MatchStarPattern star | - star = subject.getPattern(index) - | - nodeFrom.asCfgNode().getNode() = subject and - nodeTo = TStarPatternElementNode(star) and - ( - // tuple content - c.(TupleElementContent).getIndex() >= index - or - // list content - c instanceof ListElementContent - // set content is excluded from sequence patterns, - // see https://www.python.org/dev/peps/pep-0635/#sequence-patterns - ) - ) - } - - /** - * star pattern: subject flows to the variable, possibly via a conversion - * syntax (toplevel): `case *var:` - * - * We decompose this flow into a read step and a store step. The read step - * reads both tuple and list content, the store step only stores list content. - * This way, we convert all content to list content. - * - * This is the store step. - */ - predicate matchStarStoreStep(Node nodeFrom, Content c, Node nodeTo) { - exists(MatchStarPattern star | - nodeFrom = TStarPatternElementNode(star) and - nodeTo.asCfgNode().getNode() = star.getTarget() and - c instanceof ListElementContent - ) - } - - /** - * mapping pattern: each value reads from subject at the associated key - * syntax (toplevel): `case {"color": c, "height": x}:` - */ - predicate matchMappingReadStep(Node nodeFrom, Content c, Node nodeTo) { - exists( - MatchMappingPattern subject, MatchKeyValuePattern keyValue, MatchLiteralPattern key, - Pattern value - | - keyValue = subject.getAMapping() and - key = keyValue.getKey() and - value = keyValue.getValue() - | - nodeFrom.asCfgNode().getNode() = subject and - nodeTo.asCfgNode().getNode() = value and - c.(DictionaryElementContent).getKey() = key.getLiteral().(StrConst).getText() - ) - } - - /** - * double star pattern: subject flows to the variable, possibly via a conversion - * syntax (toplevel): `case {**var}:` - * - * Dictionary content flows to the double star, but all mentioned keys in the - * mapping pattern should be cleared. - */ - predicate matchMappingFlowStep(Node nodeFrom, Node nodeTo) { - exists(MatchMappingPattern subject, MatchDoubleStarPattern dstar | - dstar = subject.getAMapping() - | - nodeFrom.asCfgNode().getNode() = subject and - nodeTo.asCfgNode().getNode() = dstar.getTarget() - ) - } - - /** - * Bindings that are mentioned in a mapping pattern will not be available - * to a double star pattern in the same mapping pattern. - */ - predicate matchMappingClearStep(Node n, Content c) { - exists( - MatchMappingPattern subject, MatchKeyValuePattern keyValue, MatchLiteralPattern key, - MatchDoubleStarPattern dstar - | - keyValue = subject.getAMapping() and - key = keyValue.getKey() and - dstar = subject.getAMapping() - | - n.asCfgNode().getNode() = dstar.getTarget() and - c.(DictionaryElementContent).getKey() = key.getLiteral().(StrConst).getText() - ) - } - - /** - * class pattern: all keywords read the appropriate attribute from the subject - * syntax (toplevel): `case ClassName(attr = val):` - */ - predicate matchClassReadStep(Node nodeFrom, Content c, Node nodeTo) { - exists(MatchClassPattern subject, MatchKeywordPattern keyword, Name attr, Pattern value | - keyword = subject.getKeyword(_) and - attr = keyword.getAttribute() and - value = keyword.getValue() - | - nodeFrom.asCfgNode().getNode() = subject and - nodeTo.asCfgNode().getNode() = value and - c.(AttributeContent).getAttribute() = attr.getId() - ) - } - - /** All flow steps associated with match. */ - predicate matchFlowStep(Node nodeFrom, Node nodeTo) { - matchSubjectFlowStep(nodeFrom, nodeTo) - or - matchAsFlowStep(nodeFrom, nodeTo) - or - matchOrFlowStep(nodeFrom, nodeTo) - or - matchLiteralFlowStep(nodeFrom, nodeTo) - or - matchCaptureFlowStep(nodeFrom, nodeTo) - or - matchValueFlowStep(nodeFrom, nodeTo) - or - matchMappingFlowStep(nodeFrom, nodeTo) - } - - /** All read steps associated with match. */ - predicate matchReadStep(Node nodeFrom, Content c, Node nodeTo) { - matchClassReadStep(nodeFrom, c, nodeTo) - or - matchSequenceReadStep(nodeFrom, c, nodeTo) - or - matchMappingReadStep(nodeFrom, c, nodeTo) - or - matchStarReadStep(nodeFrom, c, nodeTo) - } - - /** All store steps associated with match. */ - predicate matchStoreStep(Node nodeFrom, Content c, Node nodeTo) { - matchStarStoreStep(nodeFrom, c, nodeTo) - } - - /** - * All clear steps associated with match - */ - predicate matchClearStep(Node n, Content c) { matchMappingClearStep(n, c) } -} - -import MatchUnpacking - /** Data flows from a sequence to a call to `pop` on the sequence. */ predicate popReadStep(CfgNode nodeFrom, Content c, CfgNode nodeTo) { // set.pop or list.pop diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/IterableUnpacking.qll b/python/ql/lib/semmle/python/dataflow/new/internal/IterableUnpacking.qll new file mode 100644 index 00000000000..4bf73dba0a3 --- /dev/null +++ b/python/ql/lib/semmle/python/dataflow/new/internal/IterableUnpacking.qll @@ -0,0 +1,396 @@ +/** + * The unpacking assignment takes the general form + * ```python + * sequence = iterable + * ``` + * where `sequence` is either a tuple or a list and it can contain wildcards. + * The iterable can be any iterable, which means that (CodeQL modeling of) content + * will need to change type if it should be transferred from the LHS to the RHS. + * + * Note that (CodeQL modeling of) content does not have to change type on data-flow + * paths _inside_ the LHS, as the different allowed syntaxes here are merely a convenience. + * Consequently, we model all LHS sequences as tuples, which have the more precise content + * model, making flow to the elements more precise. If an element is a starred variable, + * we will have to mutate the content type to be list content. + * + * We may for instance have + * ```python + * (a, b) = ["a", SOURCE] # RHS has content `ListElementContent` + * ``` + * Due to the abstraction for list content, we do not know whether `SOURCE` + * ends up in `a` or in `b`, so we want to overapproximate and see it in both. + * + * Using wildcards we may have + * ```python + * (a, *b) = ("a", "b", SOURCE) # RHS has content `TupleElementContent(2)` + * ``` + * Since the starred variables are always assigned (Python-)type list, `*b` will be + * `["b", SOURCE]`, and we will again overapproximate and assign it + * content corresponding to anything found in the RHS. + * + * For a precise transfer + * ```python + * (a, b) = ("a", SOURCE) # RHS has content `TupleElementContent(1)` + * ``` + * we wish to keep the precision, so only `b` receives the tuple content at index 1. + * + * Finally, `sequence` is actually a pattern and can have a more complicated structure, + * such as + * ```python + * (a, [b, *c]) = ("a", ["b", SOURCE]) # RHS has content `TupleElementContent(1); ListElementContent` + * ``` + * where `a` should not receive content, but `b` and `c` should. `c` will be `[SOURCE]` so + * should have the content transferred, while `b` should read it. + * + * To transfer content from RHS to the elements of the LHS in the expression `sequence = iterable`, + * we use two synthetic nodes: + * + * - `TIterableSequence(sequence)` which captures the content-modeling the entire `sequence` will have + * (essentially just a copy of the content-modeling the RHS has) + * + * - `TIterableElement(sequence)` which captures the content-modeling that will be assigned to an element. + * Note that an empty access path means that the value we are tracking flows directly to the element. + * + * + * The `TIterableSequence(sequence)` is at this point superflous but becomes useful when handling recursive + * structures in the LHS, where `sequence` is some internal sequence node. We can have a uniform treatment + * by always having these two synthetic nodes. So we transfer to (or, in the recursive case, read into) + * `TIterableSequence(sequence)`, from which we take a read step to `TIterableElement(sequence)` and then a + * store step to `sequence`. + * + * This allows the unknown content from the RHS to be read into `TIterableElement(sequence)` and tuple content + * to then be stored into `sequence`. If the content is already tuple content, this inderection creates crosstalk + * between indices. Therefore, tuple content is never read into `TIterableElement(sequence)`; it is instead + * transferred directly from `TIterableSequence(sequence)` to `sequence` via a flow step. Such a flow step will + * also transfer other content, but only tuple content is further read from `sequence` into its elements. + * + * The strategy is then via several read-, store-, and flow steps: + * 1. a) [Flow] Content is transferred from `iterable` to `TIterableSequence(sequence)` via a + * flow step. From here, everything happens on the LHS. + * + * b) [Read] If the unpacking happens inside a for as in + * ```python + * for sequence in iterable + * ``` + * then content is read from `iterable` to `TIterableSequence(sequence)`. + * + * 2. [Flow] Content is transferred from `TIterableSequence(sequence)` to `sequence` via a + * flow step. (Here only tuple content is relevant.) + * + * 3. [Read] Content is read from `TIterableSequence(sequence)` into `TIterableElement(sequence)`. + * As `sequence` is modeled as a tuple, we will not read tuple content as that would allow + * crosstalk. + * + * 4. [Store] Content is stored from `TIterableElement(sequence)` to `sequence`. + * Content type is `TupleElementContent` with indices taken from the syntax. + * For instance, if `sequence` is `(a, *b, c)`, content is written to index 0, 1, and 2. + * This is adequate as the route through `TIterableElement(sequence)` does not transfer precise content. + * + * 5. [Read] Content is read from `sequence` to its elements. + * a) If the element is a plain variable, the target is the corresponding essa node. + * + * b) If the element is itself a sequence, with control-flow node `seq`, the target is `TIterableSequence(seq)`. + * + * c) If the element is a starred variable, with control-flow node `v`, the target is `TIterableElement(v)`. + * + * 6. [Store] Content is stored from `TIterableElement(v)` to the essa variable for `v`, with + * content type `ListElementContent`. + * + * 7. [Flow, Read, Store] Steps 2 through 7 are repeated for all recursive elements which are sequences. + * + * + * We illustrate the above steps on the assignment + * + * ```python + * (a, b) = ["a", SOURCE] + * ``` + * + * Looking at the content propagation to `a`: + * `["a", SOURCE]`: [ListElementContent] + * + * --Step 1a--> + * + * `TIterableSequence((a, b))`: [ListElementContent] + * + * --Step 3--> + * + * `TIterableElement((a, b))`: [] + * + * --Step 4--> + * + * `(a, b)`: [TupleElementContent(0)] + * + * --Step 5a--> + * + * `a`: [] + * + * Meaning there is data-flow from the RHS to `a` (an over approximation). The same logic would be applied to show there is data-flow to `b`. Note that _Step 3_ and _Step 4_ would not have been needed if the RHS had been a tuple (since that would have been able to use _Step 2_ instead). + * + * Another, more complicated example: + * ```python + * (a, [b, *c]) = ["a", [SOURCE]] + * ``` + * where the path to `c` is + * + * `["a", [SOURCE]]`: [ListElementContent; ListElementContent] + * + * --Step 1a--> + * + * `TIterableSequence((a, [b, *c]))`: [ListElementContent; ListElementContent] + * + * --Step 3--> + * + * `TIterableElement((a, [b, *c]))`: [ListElementContent] + * + * --Step 4--> + * + * `(a, [b, *c])`: [TupleElementContent(1); ListElementContent] + * + * --Step 5b--> + * + * `TIterableSequence([b, *c])`: [ListElementContent] + * + * --Step 3--> + * + * `TIterableElement([b, *c])`: [] + * + * --Step 4--> + * + * `[b, *c]`: [TupleElementContent(1)] + * + * --Step 5c--> + * + * `TIterableElement(c)`: [] + * + * --Step 6--> + * + * `c`: [ListElementContent] + */ + +private import python +private import DataFlowPublic + +/** + * The target of a `for`, e.g. `x` in `for x in list` or in `[42 for x in list]`. + * This class also records the source, which in both above cases is `list`. + * This class abstracts away the differing representations of comprehensions and + * for statements. + */ +class ForTarget extends ControlFlowNode { + Expr source; + + ForTarget() { + exists(For for | + source = for.getIter() and + this.getNode() = for.getTarget() and + not for = any(Comp comp).getNthInnerLoop(0) + ) + or + exists(Comp comp | + source = comp.getIterable() and + this.getNode() = comp.getNthInnerLoop(0).getTarget() + ) + } + + Expr getSource() { result = source } +} + +/** The LHS of an assignment, it also records the assigned value. */ +class AssignmentTarget extends ControlFlowNode { + Expr value; + + AssignmentTarget() { + exists(Assign assign | this.getNode() = assign.getATarget() | value = assign.getValue()) + } + + Expr getValue() { result = value } +} + +/** A direct (or top-level) target of an unpacking assignment. */ +class UnpackingAssignmentDirectTarget extends ControlFlowNode { + Expr value; + + UnpackingAssignmentDirectTarget() { + this instanceof SequenceNode and + ( + value = this.(AssignmentTarget).getValue() + or + value = this.(ForTarget).getSource() + ) + } + + Expr getValue() { result = value } +} + +/** A (possibly recursive) target of an unpacking assignment. */ +class UnpackingAssignmentTarget extends ControlFlowNode { + UnpackingAssignmentTarget() { + this instanceof UnpackingAssignmentDirectTarget + or + this = any(UnpackingAssignmentSequenceTarget parent).getAnElement() + } +} + +/** A (possibly recursive) target of an unpacking assignment which is also a sequence. */ +class UnpackingAssignmentSequenceTarget extends UnpackingAssignmentTarget instanceof SequenceNode { + ControlFlowNode getElement(int i) { result = super.getElement(i) } + + ControlFlowNode getAnElement() { result = this.getElement(_) } +} + +/** + * Step 1a + * Data flows from `iterable` to `TIterableSequence(sequence)` + */ +predicate iterableUnpackingAssignmentFlowStep(Node nodeFrom, Node nodeTo) { + exists(AssignmentTarget target | + nodeFrom.asExpr() = target.getValue() and + nodeTo = TIterableSequenceNode(target) + ) +} + +/** + * Step 1b + * Data is read from `iterable` to `TIterableSequence(sequence)` + */ +predicate iterableUnpackingForReadStep(CfgNode nodeFrom, Content c, Node nodeTo) { + exists(ForTarget target | + nodeFrom.asExpr() = target.getSource() and + target instanceof SequenceNode and + nodeTo = TIterableSequenceNode(target) + ) and + ( + c instanceof ListElementContent + or + c instanceof SetElementContent + ) +} + +/** + * Step 2 + * Data flows from `TIterableSequence(sequence)` to `sequence` + */ +predicate iterableUnpackingTupleFlowStep(Node nodeFrom, Node nodeTo) { + exists(UnpackingAssignmentSequenceTarget target | + nodeFrom = TIterableSequenceNode(target) and + nodeTo.asCfgNode() = target + ) +} + +/** + * Step 3 + * Data flows from `TIterableSequence(sequence)` into `TIterableElement(sequence)`. + * As `sequence` is modeled as a tuple, we will not read tuple content as that would allow + * crosstalk. + */ +predicate iterableUnpackingConvertingReadStep(Node nodeFrom, Content c, Node nodeTo) { + exists(UnpackingAssignmentSequenceTarget target | + nodeFrom = TIterableSequenceNode(target) and + nodeTo = TIterableElementNode(target) and + ( + c instanceof ListElementContent + or + c instanceof SetElementContent + // TODO: dict content in iterable unpacking not handled + ) + ) +} + +/** + * Step 4 + * Data flows from `TIterableElement(sequence)` to `sequence`. + * Content type is `TupleElementContent` with indices taken from the syntax. + * For instance, if `sequence` is `(a, *b, c)`, content is written to index 0, 1, and 2. + */ +predicate iterableUnpackingConvertingStoreStep(Node nodeFrom, Content c, Node nodeTo) { + exists(UnpackingAssignmentSequenceTarget target | + nodeFrom = TIterableElementNode(target) and + nodeTo.asCfgNode() = target and + exists(int index | exists(target.getElement(index)) | + c.(TupleElementContent).getIndex() = index + ) + ) +} + +/** + * Step 5 + * For a sequence node inside an iterable unpacking, data flows from the sequence to its elements. There are + * three cases for what `toNode` should be: + * a) If the element is a plain variable, `toNode` is the corresponding essa node. + * + * b) If the element is itself a sequence, with control-flow node `seq`, `toNode` is `TIterableSequence(seq)`. + * + * c) If the element is a starred variable, with control-flow node `v`, `toNode` is `TIterableElement(v)`. + */ +predicate iterableUnpackingElementReadStep(Node nodeFrom, Content c, Node nodeTo) { + exists( + UnpackingAssignmentSequenceTarget target, int index, ControlFlowNode element, int starIndex + | + target.getElement(starIndex) instanceof StarredNode + or + not exists(target.getAnElement().(StarredNode)) and + starIndex = -1 + | + nodeFrom.asCfgNode() = target and + element = target.getElement(index) and + ( + if starIndex = -1 or index < starIndex + then c.(TupleElementContent).getIndex() = index + else + // This could get big if big tuples exist + if index = starIndex + then c.(TupleElementContent).getIndex() >= index + else c.(TupleElementContent).getIndex() >= index - 1 + ) and + ( + if element instanceof SequenceNode + then + // Step 5b + nodeTo = TIterableSequenceNode(element) + else + if element instanceof StarredNode + then + // Step 5c + nodeTo = TIterableElementNode(element) + else + // Step 5a + nodeTo.asVar().getDefinition().(MultiAssignmentDefinition).getDefiningNode() = element + ) + ) +} + +/** + * Step 6 + * Data flows from `TIterableElement(v)` to the essa variable for `v`, with + * content type `ListElementContent`. + */ +predicate iterableUnpackingStarredElementStoreStep(Node nodeFrom, Content c, Node nodeTo) { + exists(ControlFlowNode starred | starred.getNode() instanceof Starred | + nodeFrom = TIterableElementNode(starred) and + nodeTo.asVar().getDefinition().(MultiAssignmentDefinition).getDefiningNode() = starred and + c instanceof ListElementContent + ) +} + +/** All read steps associated with unpacking assignment. */ +predicate iterableUnpackingReadStep(Node nodeFrom, Content c, Node nodeTo) { + iterableUnpackingForReadStep(nodeFrom, c, nodeTo) + or + iterableUnpackingElementReadStep(nodeFrom, c, nodeTo) + or + iterableUnpackingConvertingReadStep(nodeFrom, c, nodeTo) +} + +/** All store steps associated with unpacking assignment. */ +predicate iterableUnpackingStoreStep(Node nodeFrom, Content c, Node nodeTo) { + iterableUnpackingStarredElementStoreStep(nodeFrom, c, nodeTo) + or + iterableUnpackingConvertingStoreStep(nodeFrom, c, nodeTo) +} + +/** All flow steps associated with unpacking assignment. */ +predicate iterableUnpackingFlowStep(Node nodeFrom, Node nodeTo) { + iterableUnpackingAssignmentFlowStep(nodeFrom, nodeTo) + or + iterableUnpackingTupleFlowStep(nodeFrom, nodeTo) +} diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/MatchUnpacking.qll b/python/ql/lib/semmle/python/dataflow/new/internal/MatchUnpacking.qll new file mode 100644 index 00000000000..948536d5598 --- /dev/null +++ b/python/ql/lib/semmle/python/dataflow/new/internal/MatchUnpacking.qll @@ -0,0 +1,311 @@ +/** + * There are a number of patterns available for the match statement. + * Each one transfers data and content differently to its parts. + * + * Furthermore, given a successful match, we can infer some data about + * the subject. Consider the example: + * ```python + * match choice: + * case 'Y': + * ...body + * ``` + * Inside `body`, we know that `choice` has the value `'Y'`. + * + * A similar thing happens with the "as pattern". Consider the example: + * ```python + * match choice: + * case ('y'|'Y') as c: + * ...body + * ``` + * By the binding rules, there is data flow from `choice` to `c`. But we + * can infer the value of `c` to be either `'y'` or `'Y'` if the match succeeds. + * + * We will treat such inferences separately as guards. First we will model the data flow + * stemming from the bindings and the matching of shape. Below, 'subject' is not necessarily the + * top-level subject of the match, but rather the part recursively matched by the current pattern. + * For instance, in the example: + * ```python + * match command: + * case ('quit' as c) | ('go', ('up'|'down') as c): + * ...body + * ``` + * `command` is the subject of first the as-pattern, while the second component of `command` + * is the subject of the second as-pattern. As such, 'subject' refers to the pattern under evaluation. + * + * - as pattern: subject flows to alias as well as to the interior pattern + * - or pattern: subject flows to each alternative + * - literal pattern: flow from the literal to the pattern, to add information + * - capture pattern: subject flows to the variable + * - wildcard pattern: no flow + * - value pattern: flow from the value to the pattern, to add information + * - sequence pattern: each element reads from subject at the associated index + * - star pattern: subject flows to the variable, possibly via a conversion + * - mapping pattern: each value reads from subject at the associated key + * - double star pattern: subject flows to the variable, possibly via a conversion + * - key-value pattern: the value reads from the subject at the key (see mapping pattern) + * - class pattern: all keywords read the appropriate attribute from the subject + * - keyword pattern: the appropriate attribute is read from the subject (see class pattern) + * + * Inside the class pattern, we also find positional arguments. They are converted to + * keyword arguments using the `__match_args__` attribute on the class. We do not + * currently model this. + */ + +private import python +private import DataFlowPublic + +/** + * Holds when there is flow from the subject `nodeFrom` to the (top-level) pattern `nodeTo` of a `match` statement. + * + * The subject of a match flows to each top-level pattern + * (a pattern directly under a `case` statement). + * + * We could consider a model closer to use-use-flow, where the subject + * only flows to the first top-level pattern and from there to the + * following ones. + */ +predicate matchSubjectFlowStep(Node nodeFrom, Node nodeTo) { + exists(MatchStmt match, Expr subject, Pattern target | + subject = match.getSubject() and + target = match.getCase(_).(Case).getPattern() + | + nodeFrom.asExpr() = subject and + nodeTo.asCfgNode().getNode() = target + ) +} + +/** + * as pattern: subject flows to alias as well as to the interior pattern + * syntax (toplevel): `case pattern as alias:` + */ +predicate matchAsFlowStep(Node nodeFrom, Node nodeTo) { + exists(MatchAsPattern subject, Name alias | alias = subject.getAlias() | + // We make the subject flow to the interior pattern via the alias. + // That way, information can propagate from the interior pattern to the alias. + // + // the subject flows to the interior pattern + nodeFrom.asCfgNode().getNode() = subject and + nodeTo.asCfgNode().getNode() = subject.getPattern() + or + // the interior pattern flows to the alias + nodeFrom.asCfgNode().getNode() = subject.getPattern() and + nodeTo.asVar().getDefinition().(PatternAliasDefinition).getDefiningNode().getNode() = alias + ) +} + +/** + * or pattern: subject flows to each alternative + * syntax (toplevel): `case alt1 | alt2:` + */ +predicate matchOrFlowStep(Node nodeFrom, Node nodeTo) { + exists(MatchOrPattern subject, Pattern pattern | pattern = subject.getAPattern() | + nodeFrom.asCfgNode().getNode() = subject and + nodeTo.asCfgNode().getNode() = pattern + ) +} + +/** + * literal pattern: flow from the literal to the pattern, to add information + * syntax (toplevel): `case literal:` + */ +predicate matchLiteralFlowStep(Node nodeFrom, Node nodeTo) { + exists(MatchLiteralPattern pattern, Expr literal | literal = pattern.getLiteral() | + nodeFrom.asExpr() = literal and + nodeTo.asCfgNode().getNode() = pattern + ) +} + +/** + * capture pattern: subject flows to the variable + * syntax (toplevel): `case var:` + */ +predicate matchCaptureFlowStep(Node nodeFrom, Node nodeTo) { + exists(MatchCapturePattern capture, Name var | capture.getVariable() = var | + nodeFrom.asCfgNode().getNode() = capture and + nodeTo.asVar().getDefinition().(PatternCaptureDefinition).getDefiningNode().getNode() = var + ) +} + +/** + * value pattern: flow from the value to the pattern, to add information + * syntax (toplevel): `case Dotted.value:` + */ +predicate matchValueFlowStep(Node nodeFrom, Node nodeTo) { + exists(MatchValuePattern pattern, Expr value | value = pattern.getValue() | + nodeFrom.asExpr() = value and + nodeTo.asCfgNode().getNode() = pattern + ) +} + +/** + * sequence pattern: each element reads from subject at the associated index + * syntax (toplevel): `case [a, b]:` + */ +predicate matchSequenceReadStep(Node nodeFrom, Content c, Node nodeTo) { + exists(MatchSequencePattern subject, int index, Pattern element | + element = subject.getPattern(index) + | + nodeFrom.asCfgNode().getNode() = subject and + nodeTo.asCfgNode().getNode() = element and + ( + // tuple content + c.(TupleElementContent).getIndex() = index + or + // list content + c instanceof ListElementContent + // set content is excluded from sequence patterns, + // see https://www.python.org/dev/peps/pep-0635/#sequence-patterns + ) + ) +} + +/** + * star pattern: subject flows to the variable, possibly via a conversion + * syntax (toplevel): `case *var:` + * + * We decompose this flow into a read step and a store step. The read step + * reads both tuple and list content, the store step only stores list content. + * This way, we convert all content to list content. + * + * This is the read step. + */ +predicate matchStarReadStep(Node nodeFrom, Content c, Node nodeTo) { + exists(MatchSequencePattern subject, int index, MatchStarPattern star | + star = subject.getPattern(index) + | + nodeFrom.asCfgNode().getNode() = subject and + nodeTo = TStarPatternElementNode(star) and + ( + // tuple content + c.(TupleElementContent).getIndex() >= index + or + // list content + c instanceof ListElementContent + // set content is excluded from sequence patterns, + // see https://www.python.org/dev/peps/pep-0635/#sequence-patterns + ) + ) +} + +/** + * star pattern: subject flows to the variable, possibly via a conversion + * syntax (toplevel): `case *var:` + * + * We decompose this flow into a read step and a store step. The read step + * reads both tuple and list content, the store step only stores list content. + * This way, we convert all content to list content. + * + * This is the store step. + */ +predicate matchStarStoreStep(Node nodeFrom, Content c, Node nodeTo) { + exists(MatchStarPattern star | + nodeFrom = TStarPatternElementNode(star) and + nodeTo.asCfgNode().getNode() = star.getTarget() and + c instanceof ListElementContent + ) +} + +/** + * mapping pattern: each value reads from subject at the associated key + * syntax (toplevel): `case {"color": c, "height": x}:` + */ +predicate matchMappingReadStep(Node nodeFrom, Content c, Node nodeTo) { + exists( + MatchMappingPattern subject, MatchKeyValuePattern keyValue, MatchLiteralPattern key, + Pattern value + | + keyValue = subject.getAMapping() and + key = keyValue.getKey() and + value = keyValue.getValue() + | + nodeFrom.asCfgNode().getNode() = subject and + nodeTo.asCfgNode().getNode() = value and + c.(DictionaryElementContent).getKey() = key.getLiteral().(StrConst).getText() + ) +} + +/** + * double star pattern: subject flows to the variable, possibly via a conversion + * syntax (toplevel): `case {**var}:` + * + * Dictionary content flows to the double star, but all mentioned keys in the + * mapping pattern should be cleared. + */ +predicate matchMappingFlowStep(Node nodeFrom, Node nodeTo) { + exists(MatchMappingPattern subject, MatchDoubleStarPattern dstar | dstar = subject.getAMapping() | + nodeFrom.asCfgNode().getNode() = subject and + nodeTo.asCfgNode().getNode() = dstar.getTarget() + ) +} + +/** + * Bindings that are mentioned in a mapping pattern will not be available + * to a double star pattern in the same mapping pattern. + */ +predicate matchMappingClearStep(Node n, Content c) { + exists( + MatchMappingPattern subject, MatchKeyValuePattern keyValue, MatchLiteralPattern key, + MatchDoubleStarPattern dstar + | + keyValue = subject.getAMapping() and + key = keyValue.getKey() and + dstar = subject.getAMapping() + | + n.asCfgNode().getNode() = dstar.getTarget() and + c.(DictionaryElementContent).getKey() = key.getLiteral().(StrConst).getText() + ) +} + +/** + * class pattern: all keywords read the appropriate attribute from the subject + * syntax (toplevel): `case ClassName(attr = val):` + */ +predicate matchClassReadStep(Node nodeFrom, Content c, Node nodeTo) { + exists(MatchClassPattern subject, MatchKeywordPattern keyword, Name attr, Pattern value | + keyword = subject.getKeyword(_) and + attr = keyword.getAttribute() and + value = keyword.getValue() + | + nodeFrom.asCfgNode().getNode() = subject and + nodeTo.asCfgNode().getNode() = value and + c.(AttributeContent).getAttribute() = attr.getId() + ) +} + +/** All flow steps associated with match. */ +predicate matchFlowStep(Node nodeFrom, Node nodeTo) { + matchSubjectFlowStep(nodeFrom, nodeTo) + or + matchAsFlowStep(nodeFrom, nodeTo) + or + matchOrFlowStep(nodeFrom, nodeTo) + or + matchLiteralFlowStep(nodeFrom, nodeTo) + or + matchCaptureFlowStep(nodeFrom, nodeTo) + or + matchValueFlowStep(nodeFrom, nodeTo) + or + matchMappingFlowStep(nodeFrom, nodeTo) +} + +/** All read steps associated with match. */ +predicate matchReadStep(Node nodeFrom, Content c, Node nodeTo) { + matchClassReadStep(nodeFrom, c, nodeTo) + or + matchSequenceReadStep(nodeFrom, c, nodeTo) + or + matchMappingReadStep(nodeFrom, c, nodeTo) + or + matchStarReadStep(nodeFrom, c, nodeTo) +} + +/** All store steps associated with match. */ +predicate matchStoreStep(Node nodeFrom, Content c, Node nodeTo) { + matchStarStoreStep(nodeFrom, c, nodeTo) +} + +/** + * All clear steps associated with match + */ +predicate matchClearStep(Node n, Content c) { matchMappingClearStep(n, c) } diff --git a/python/ql/lib/semmle/python/dataflow/new/internal/readme.md b/python/ql/lib/semmle/python/dataflow/new/internal/readme.md deleted file mode 100644 index 88cb5ad3ed0..00000000000 --- a/python/ql/lib/semmle/python/dataflow/new/internal/readme.md +++ /dev/null @@ -1,138 +0,0 @@ -# Using the shared dataflow library - -## File organisation - -The files currently live in `experimental` (whereas the existing implementation lives in `semmle\python\dataflow`). - -In there is found `DataFlow.qll`, `DataFlow2.qll` etc. which refer to `internal\DataFlowImpl`, `internal\DataFlowImpl2` etc. respectively. The `DataFlowImplN`-files are all identical copies to avoid mutual recursion. They start off by including two files `internal\DataFlowImplCommon` and `internal\DataFlowImplSpecific`. The former contains all the language-agnostic definitions, while the latter is where we describe our favorite language. `Sepcific` simply forwards to two other files `internal\DataFlowPrivate.qll` and `internal\DataFlowPublic.qll`. Definitions in the former will be hidden behind a `private` modifier, while those in the latter can be referred to in data flow queries. For instance, the definition of `DataFlow::Node` should likely be in `DataFlowPublic.qll`. - -## Define the dataflow graph - -In order to use the dataflow library, we need to define the dataflow graph, -that is define the nodes and the edges. - -### Define the nodes - -The nodes are defined in the type `DataFlow::Node` (found in `DataFlowPublic.qll`). -This should likely be an IPA type, so we can extend it as needed. - -Typical cases needed to construct the call graph include - - argument node - - parameter node - - return node - -Typical extensions include - - postupdate nodes - - implicit `this`-nodes - -### Define the edges - -The edges split into local flow (within a function) and global flow (the call graph, between functions/procedures). - -Extra flow, such as reading from and writing to global variables, can be captured in `jumpStep`. -The local flow should be obtainalble from an SSA computation. -Local flow nodes are generally either control flow nodes or SSA variables. -Flow from control flow nodes to SSA variables comes from SSA variable definitions, while flow from SSA variables to control flow nodes comes from def-use pairs. - -The global flow should be obtainable from a `PointsTo` analysis. It is specified via `viableCallable` and -`getAnOutNode`. Consider making `ReturnKind` a singleton IPA type as in java. - -Global flow includes local flow within a consistent call context. Thus, for local flow to count as global flow, all relevant nodes should implement `getEnclosingCallable`. - -If complicated dispatch needs to be modelled, try using the `[reduced|pruned]viable*` predicates. - -## Field flow - -To track flow through fields we need to provide a model of fields, that is the `Content` class. - -Field access is specified via `read_step` and `store_step`. - -Work is being done to make field flow handle lists and dictionaries and the like. - -`PostUpdateNode`s become important when field flow is used, as they track modifications to fields resulting from function calls. - -## Type pruning - -If type information is available, flows can be discarded on the grounds of type mismatch. - -Tracked types are given by the class `DataFlowType` and the predicate `getTypeBound`, and compatibility is recorded in the predicate `compatibleTypes`. -If type pruning is not used, `compatibleTypes` should be implemented as `any`; if it is implemented, say, as `none`, all flows will be pruned. - -Further, possible casts are given by the class `CastNode`. - ---- - -# Plan - -## Stage I, data flow - -### Phase 0, setup -Define minimal IPA type for `DataFlow::Node` -Define all required predicates empty (via `none()`), -except `compatibleTypes` which should be `any()`. -Define `ReturnKind`, `DataFlowType`, and `Content` as singleton IPA types. - - -### Phase 1, local flow -Implement `simpleLocalFlowStep` based on the existing SSA computation - -### Phase 2, local flow -Implement `viableCallable` and `getAnOutNode` based on the existing predicate `PointsTo`. - -### Phase 3, field flow -Redefine `Content` and implement `read_step` and `store_step`. - -Review use of post-update nodes. - -### Phase 4, type pruning -Use type trackers to obtain relevant type information and redefine `DataFlowType` to contain appropriate cases. Record the type information in `getTypeBound`. - -Implement `compatibleTypes` (perhaps simply as the identity). - -If necessary, re-implement `getErasedRepr` and `ppReprType`. - -If necessary, redefine `CastNode`. - -### Phase 5, bonus -Review possible use of `[reduced|pruned]viable*` predicates. - -Review need for more elaborate `ReturnKind`. - -Review need for non-empty `jumpStep`. - -Review need for non-empty `isUnreachableInCall`. - -## Stage II, taint tracking - -# Phase 0, setup -Implement all predicates empty. - -# Phase 1, experiments -Try recovering an existing taint tracking query by implementing sources, sinks, sanitizers, and barriers. - ---- - -# Status - -## Achieved - -- Copy of shared library; implemented enough predicates to make it compile. -- Simple flow into, out of, and through functions. -- Some tests, in particular a sceleton for something comprehensive. - -## TODO - -- Implementation has largely been done by finding a plausibly-sounding predicate in the python library to refer to. We should review that we actually have the intended semantics in all places. -- Comprehensive testing. -- The regression tests track the value of guards in order to eliminate impossible data flow. We currently have regressions because of this. We cannot readily replicate the existing method, as it uses the interdefinedness of data flow and taint tracking (there is a boolean taint kind). C++ [does something similar](https://github.com/github/codeql/blob/master/cpp/ql/src/semmle/code/cpp/controlflow/internal/ConstantExprs.qll#L27-L36) for eliminating impossible control flow, which we might be able to replicate (they infer values of "interesting" control flow nodes, which are those needed to determine values of guards). -- Flow for some syntactic constructs are done via extra taint steps in the existing implementation, we should find a way to get data flow for it. Some of this should be covered by field flow. -- A document is being written about proper use of the shared data flow library, this should be adhered to. In particular, we should consider replacing def-use with def-to-first-use and use-to-next-use in local flow. -- We seem to get duplicated results for global flow, as well as flow with and without type (so four times the "unique" results). -- We currently consider control flow nodes like exit nodes for functions, we should probably filter down which ones are of interest. -- We should probably override ToString for a number of data flow nodes. -- Test flow through classes, constructors and methods. -- What happens with named arguments? What does C# do? -- What should the enclosable callable for global variables be? C++ [makes it the variable itself](https://github.com/github/codeql/blob/master/cpp/ql/src/semmle/code/cpp/ir/dataflow/internal/DataFlowUtil.qll#L417), C# seems to not have nodes for these but only for their reads and writes. -- Is `yield` another return type? If not, how is it handled? -- Should `OutNode` include magic function calls? -- Consider creating an internal abstract class for nodes as C# does. Among other things, this can help the optimizer by stating that `getEnclosingCallable` [is functional](https://github.com/github/codeql/blob/master/csharp/ql/src/semmle/code/csharp/dataflow/internal/DataFlowPublic.qll#L62). \ No newline at end of file diff --git a/python/ql/lib/semmle/python/frameworks/Aiohttp.qll b/python/ql/lib/semmle/python/frameworks/Aiohttp.qll index 8579e5039a9..bacf6ea9fc4 100644 --- a/python/ql/lib/semmle/python/frameworks/Aiohttp.qll +++ b/python/ql/lib/semmle/python/frameworks/Aiohttp.qll @@ -243,7 +243,9 @@ module AiohttpWebModel { /** A class that has a super-type which is an aiohttp.web View class. */ class AiohttpViewClassFromSuperClass extends AiohttpViewClass { - AiohttpViewClassFromSuperClass() { this.getABase() = View::subclassRef().getAUse().asExpr() } + AiohttpViewClassFromSuperClass() { + this.getParent() = View::subclassRef().getAnImmediateUse().asExpr() + } } /** A class that is used in a route-setup, therefore being considered an aiohttp.web View class. */ diff --git a/python/ql/lib/semmle/python/frameworks/Django.qll b/python/ql/lib/semmle/python/frameworks/Django.qll index eed57b2c4c6..a60c577cd40 100644 --- a/python/ql/lib/semmle/python/frameworks/Django.qll +++ b/python/ql/lib/semmle/python/frameworks/Django.qll @@ -829,7 +829,7 @@ module PrivateDjango { /** Gets the (AST) class of the Django model class `modelClass`. */ Class getModelClassClass(API::Node modelClass) { - result.getParent() = modelClass.getAUse().asExpr().(ClassExpr) and + result.getParent() = modelClass.getAnImmediateUse().asExpr() and modelClass = Model::subclassRef() } @@ -2162,7 +2162,9 @@ module PrivateDjango { * thereby handling user input. */ class DjangoFormClass extends Class, SelfRefMixin { - DjangoFormClass() { this.getABase() = Django::Forms::Form::subclassRef().getAUse().asExpr() } + DjangoFormClass() { + this.getParent() = Django::Forms::Form::subclassRef().getAnImmediateUse().asExpr() + } } /** @@ -2195,7 +2197,7 @@ module PrivateDjango { */ class DjangoFormFieldClass extends Class { DjangoFormFieldClass() { - this.getABase() = Django::Forms::Field::subclassRef().getAUse().asExpr() + this.getParent() = Django::Forms::Field::subclassRef().getAnImmediateUse().asExpr() } } @@ -2298,7 +2300,7 @@ module PrivateDjango { */ class DjangoViewClassFromSuperClass extends DjangoViewClass { DjangoViewClassFromSuperClass() { - this.getABase() = Django::Views::View::subclassRef().getAUse().asExpr() + this.getParent() = Django::Views::View::subclassRef().getAnImmediateUse().asExpr() } } diff --git a/python/ql/lib/semmle/python/frameworks/Flask.qll b/python/ql/lib/semmle/python/frameworks/Flask.qll index 16ec14c1362..0059a8a1154 100644 --- a/python/ql/lib/semmle/python/frameworks/Flask.qll +++ b/python/ql/lib/semmle/python/frameworks/Flask.qll @@ -194,8 +194,8 @@ module Flask { API::Node api_node; FlaskViewClass() { - this.getABase() = Views::View::subclassRef().getAUse().asExpr() and - api_node.getAnImmediateUse().asExpr() = this.getParent() + api_node = Views::View::subclassRef() and + this.getParent() = api_node.getAnImmediateUse().asExpr() } /** Gets a function that could handle incoming requests, if any. */ @@ -219,8 +219,8 @@ module Flask { */ class FlaskMethodViewClass extends FlaskViewClass { FlaskMethodViewClass() { - this.getABase() = Views::MethodView::subclassRef().getAUse().asExpr() and - api_node.getAnImmediateUse().asExpr() = this.getParent() + api_node = Views::MethodView::subclassRef() and + this.getParent() = api_node.getAnImmediateUse().asExpr() } override Function getARequestHandler() { diff --git a/python/ql/lib/semmle/python/frameworks/RestFramework.qll b/python/ql/lib/semmle/python/frameworks/RestFramework.qll index 0f6f64e92c7..61f031576de 100644 --- a/python/ql/lib/semmle/python/frameworks/RestFramework.qll +++ b/python/ql/lib/semmle/python/frameworks/RestFramework.qll @@ -115,7 +115,7 @@ private module RestFramework { */ class RestFrameworkApiViewClass extends PrivateDjango::DjangoViewClassFromSuperClass { RestFrameworkApiViewClass() { - this.getABase() = any(ModeledApiViewClasses c).getASubclass*().getAUse().asExpr() + this.getParent() = any(ModeledApiViewClasses c).getASubclass*().getAnImmediateUse().asExpr() } override Function getARequestHandler() { diff --git a/python/ql/lib/semmle/python/frameworks/Stdlib.qll b/python/ql/lib/semmle/python/frameworks/Stdlib.qll index f4b6915d440..6fb3e910b2b 100644 --- a/python/ql/lib/semmle/python/frameworks/Stdlib.qll +++ b/python/ql/lib/semmle/python/frameworks/Stdlib.qll @@ -1934,7 +1934,7 @@ private module StdlibPrivate { /** A HttpRequestHandler class definition (most likely in project code). */ class HttpRequestHandlerClassDef extends Class { - HttpRequestHandlerClassDef() { this.getParent() = subclassRef().getAUse().asExpr() } + HttpRequestHandlerClassDef() { this.getParent() = subclassRef().getAnImmediateUse().asExpr() } } /** DEPRECATED: Alias for HttpRequestHandlerClassDef */ @@ -2027,12 +2027,12 @@ private module StdlibPrivate { private module WsgirefSimpleServer { class WsgiServerSubclass extends Class, SelfRefMixin { WsgiServerSubclass() { - this.getABase() = + this.getParent() = API::moduleImport("wsgiref") .getMember("simple_server") .getMember("WSGIServer") .getASubclass*() - .getAUse() + .getAnImmediateUse() .asExpr() } } diff --git a/python/ql/lib/semmle/python/frameworks/Tornado.qll b/python/ql/lib/semmle/python/frameworks/Tornado.qll index 8a28fdd61cb..9c604afc1ec 100644 --- a/python/ql/lib/semmle/python/frameworks/Tornado.qll +++ b/python/ql/lib/semmle/python/frameworks/Tornado.qll @@ -92,7 +92,7 @@ private module Tornado { /** A RequestHandler class (most likely in project code). */ class RequestHandlerClass extends Class { - RequestHandlerClass() { this.getParent() = subclassRef().getAUse().asExpr() } + RequestHandlerClass() { this.getParent() = subclassRef().getAnImmediateUse().asExpr() } /** Gets a function that could handle incoming requests, if any. */ Function getARequestHandler() { diff --git a/python/ql/lib/semmle/python/frameworks/Twisted.qll b/python/ql/lib/semmle/python/frameworks/Twisted.qll index 2ac9bb5eb40..513f5c942d0 100644 --- a/python/ql/lib/semmle/python/frameworks/Twisted.qll +++ b/python/ql/lib/semmle/python/frameworks/Twisted.qll @@ -27,13 +27,13 @@ private module Twisted { */ class TwistedResourceSubclass extends Class { TwistedResourceSubclass() { - this.getABase() = + this.getParent() = API::moduleImport("twisted") .getMember("web") .getMember("resource") .getMember("Resource") .getASubclass*() - .getAUse() + .getAnImmediateUse() .asExpr() } diff --git a/python/ql/src/CHANGELOG.md b/python/ql/src/CHANGELOG.md index 7a987e04da3..1063dcf808c 100644 --- a/python/ql/src/CHANGELOG.md +++ b/python/ql/src/CHANGELOG.md @@ -1,3 +1,7 @@ +## 0.0.13 + +## 0.0.12 + ## 0.0.11 ### New Queries diff --git a/python/ql/src/change-notes/released/0.0.12.md b/python/ql/src/change-notes/released/0.0.12.md new file mode 100644 index 00000000000..a8e2f0b468e --- /dev/null +++ b/python/ql/src/change-notes/released/0.0.12.md @@ -0,0 +1 @@ +## 0.0.12 diff --git a/python/ql/src/change-notes/released/0.0.13.md b/python/ql/src/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..30ff8ab8dd0 --- /dev/null +++ b/python/ql/src/change-notes/released/0.0.13.md @@ -0,0 +1 @@ +## 0.0.13 diff --git a/python/ql/src/codeql-pack.release.yml b/python/ql/src/codeql-pack.release.yml index e679dc42092..044e54e4f7e 100644 --- a/python/ql/src/codeql-pack.release.yml +++ b/python/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.11 +lastReleaseVersion: 0.0.13 diff --git a/python/ql/src/experimental/Security/CWE-022/ZipSlip.qhelp b/python/ql/src/experimental/Security/CWE-022/ZipSlip.qhelp new file mode 100644 index 00000000000..89260db7bd7 --- /dev/null +++ b/python/ql/src/experimental/Security/CWE-022/ZipSlip.qhelp @@ -0,0 +1,56 @@ + + + + +

Extracting files from a malicious zip archive without validating that the destination file path +is within the destination directory can cause files outside the destination directory to be +overwritten, due to the possible presence of directory traversal elements (..) in +archive paths.

+ +

Zip archives contain archive entries representing each file in the archive. These entries +include a file path for the entry, but these file paths are not restricted and may contain +unexpected special elements such as the directory traversal element (..). If these +file paths are used to determine an output file to write the contents of the archive item to, then +the file may be written to an unexpected location. This can result in sensitive information being +revealed or deleted, or an attacker being able to influence behavior by modifying unexpected +files.

+ +

For example, if a Zip archive contains a file entry ..\sneaky-file, and the Zip archive +is extracted to the directory c:\output, then naively combining the paths would result +in an output file path of c:\output\..\sneaky-file, which would cause the file to be +written to c:\sneaky-file.

+ + + + +

Ensure that output paths constructed from Zip archive entries are validated +to prevent writing files to unexpected locations.

+ +

The recommended way of writing an output file from a Zip archive entry is to call extract() or extractall(). +

+ + + + +

+In this example an archive is extracted without validating file paths. +

+ + + +

To fix this vulnerability, we need to call the function extractall(). +

+ + + + + +
  • +Snyk: +Zip Slip Vulnerability. +
    • + + + diff --git a/python/ql/src/experimental/Security/CWE-022/ZipSlip.ql b/python/ql/src/experimental/Security/CWE-022/ZipSlip.ql new file mode 100644 index 00000000000..dd89b4d1280 --- /dev/null +++ b/python/ql/src/experimental/Security/CWE-022/ZipSlip.ql @@ -0,0 +1,22 @@ +/** + * @name Arbitrary file write during archive extraction ("Zip Slip") + * @description Extracting files from a malicious archive without validating that the + * destination file path is within the destination directory can cause files outside + * the destination directory to be overwritten. + * @kind path-problem + * @id py/zipslip + * @problem.severity error + * @security-severity 7.5 + * @precision high + * @tags security + * external/cwe/cwe-022 + */ + +import python +import experimental.semmle.python.security.ZipSlip +import DataFlow::PathGraph + +from ZipSlipConfig config, DataFlow::PathNode source, DataFlow::PathNode sink +where config.hasFlowPath(source, sink) +select sink.getNode(), source, sink, "Extraction of zipfile from $@", source.getNode(), + "a potentially untrusted source" diff --git a/python/ql/src/experimental/Security/CWE-022/zipslip_bad.py b/python/ql/src/experimental/Security/CWE-022/zipslip_bad.py new file mode 100644 index 00000000000..24b6ec4d978 --- /dev/null +++ b/python/ql/src/experimental/Security/CWE-022/zipslip_bad.py @@ -0,0 +1,16 @@ +import zipfile +import shutil + +def unzip(filename): + with tarfile.open(filename) as zipf: + #BAD : This could write any file on the filesystem. + for entry in zipf: + shutil.copyfile(entry, "/tmp/unpack/") + +def unzip4(filename): + zf = zipfile.ZipFile(filename) + filelist = zf.namelist() + for x in filelist: + with zf.open(x) as srcf: + shutil.copyfileobj(srcf, dstfile) + diff --git a/python/ql/src/experimental/Security/CWE-022/zipslip_good.py b/python/ql/src/experimental/Security/CWE-022/zipslip_good.py new file mode 100644 index 00000000000..b6ae48e1d88 --- /dev/null +++ b/python/ql/src/experimental/Security/CWE-022/zipslip_good.py @@ -0,0 +1,10 @@ +import zipfile + +def unzip(filename, dir): + zf = zipfile.ZipFile(filename) + zf.extractall(dir) + + +def unzip1(filename, dir): + zf = zipfile.ZipFile(filename) + zf.extract(dir) diff --git a/python/ql/src/experimental/semmle/python/Concepts.qll b/python/ql/src/experimental/semmle/python/Concepts.qll index 09b44d95e89..1c08609c547 100644 --- a/python/ql/src/experimental/semmle/python/Concepts.qll +++ b/python/ql/src/experimental/semmle/python/Concepts.qll @@ -14,6 +14,73 @@ private import semmle.python.dataflow.new.RemoteFlowSources private import semmle.python.dataflow.new.TaintTracking private import experimental.semmle.python.Frameworks +/** Provides classes for modeling copying file related APIs. */ +module CopyFile { + /** + * A data flow node for copying file. + * + * Extend this class to model new APIs. If you want to refine existing API models, + * extend `CopyFile` instead. + */ + abstract class Range extends DataFlow::Node { + /** + * Gets the argument containing the path. + */ + abstract DataFlow::Node getAPathArgument(); + + /** + * Gets fsrc argument. + */ + abstract DataFlow::Node getfsrcArgument(); + } +} + +/** + * A data flow node for copying file. + * + * Extend this class to refine existing API models. If you want to model new APIs, + * extend `CopyFile::Range` instead. + */ +class CopyFile extends DataFlow::Node { + CopyFile::Range range; + + CopyFile() { this = range } + + DataFlow::Node getAPathArgument() { result = range.getAPathArgument() } + + DataFlow::Node getfsrcArgument() { result = range.getfsrcArgument() } +} + +/** Provides classes for modeling log related APIs. */ +module LogOutput { + /** + * A data flow node for log output. + * + * Extend this class to model new APIs. If you want to refine existing API models, + * extend `LogOutput` instead. + */ + abstract class Range extends DataFlow::Node { + /** + * Get the parameter value of the log output function. + */ + abstract DataFlow::Node getAnInput(); + } +} + +/** + * A data flow node for log output. + * + * Extend this class to refine existing API models. If you want to model new APIs, + * extend `LogOutput::Range` instead. + */ +class LogOutput extends DataFlow::Node { + LogOutput::Range range; + + LogOutput() { this = range } + + DataFlow::Node getAnInput() { result = range.getAnInput() } +} + /** Provides classes for modeling LDAP query execution-related APIs. */ module LdapQuery { /** diff --git a/python/ql/src/experimental/semmle/python/Frameworks.qll b/python/ql/src/experimental/semmle/python/Frameworks.qll index 81b2c1bee23..f0b120ceacc 100644 --- a/python/ql/src/experimental/semmle/python/Frameworks.qll +++ b/python/ql/src/experimental/semmle/python/Frameworks.qll @@ -13,3 +13,4 @@ private import experimental.semmle.python.libraries.PyJWT private import experimental.semmle.python.libraries.Python_JWT private import experimental.semmle.python.libraries.Authlib private import experimental.semmle.python.libraries.PythonJose +private import experimental.semmle.python.frameworks.CopyFile diff --git a/python/ql/src/experimental/semmle/python/frameworks/CopyFile.qll b/python/ql/src/experimental/semmle/python/frameworks/CopyFile.qll new file mode 100644 index 00000000000..ddf5e1f62ec --- /dev/null +++ b/python/ql/src/experimental/semmle/python/frameworks/CopyFile.qll @@ -0,0 +1,42 @@ +private import python +private import experimental.semmle.python.Concepts +private import semmle.python.dataflow.new.DataFlow +private import semmle.python.ApiGraphs + +private module CopyFileImpl { + /** + * The `shutil` module provides methods to copy or move files. + * See: + * - https://docs.python.org/3/library/shutil.html#shutil.copyfile + * - https://docs.python.org/3/library/shutil.html#shutil.copy + * - https://docs.python.org/3/library/shutil.html#shutil.copy2 + * - https://docs.python.org/3/library/shutil.html#shutil.copytree + * - https://docs.python.org/3/library/shutil.html#shutil.move + */ + private class CopyFiles extends DataFlow::CallCfgNode, CopyFile::Range { + CopyFiles() { + this = + API::moduleImport("shutil") + .getMember(["copyfile", "copy", "copy2", "copytree", "move"]) + .getACall() + } + + override DataFlow::Node getAPathArgument() { + result in [this.getArg(0), this.getArgByName("src")] + } + + override DataFlow::Node getfsrcArgument() { none() } + } + + // TODO: once we have flow summaries, model `shutil.copyfileobj` which copies the content between its' file-like arguments. + // See https://docs.python.org/3/library/shutil.html#shutil.copyfileobj + private class CopyFileobj extends DataFlow::CallCfgNode, CopyFile::Range { + CopyFileobj() { this = API::moduleImport("shutil").getMember("copyfileobj").getACall() } + + override DataFlow::Node getfsrcArgument() { + result in [this.getArg(0), this.getArgByName("fsrc")] + } + + override DataFlow::Node getAPathArgument() { none() } + } +} diff --git a/python/ql/src/experimental/semmle/python/security/ZipSlip.qll b/python/ql/src/experimental/semmle/python/security/ZipSlip.qll new file mode 100644 index 00000000000..59f558c67d6 --- /dev/null +++ b/python/ql/src/experimental/semmle/python/security/ZipSlip.qll @@ -0,0 +1,39 @@ +import python +import experimental.semmle.python.Concepts +import semmle.python.dataflow.new.DataFlow +import semmle.python.ApiGraphs +import semmle.python.dataflow.new.TaintTracking + +class ZipSlipConfig extends TaintTracking::Configuration { + ZipSlipConfig() { this = "ZipSlipConfig" } + + override predicate isSource(DataFlow::Node source) { + ( + source = + API::moduleImport("zipfile").getMember("ZipFile").getReturn().getMember("open").getACall() or + source = + API::moduleImport("zipfile") + .getMember("ZipFile") + .getReturn() + .getMember("namelist") + .getACall() or + source = API::moduleImport("tarfile").getMember("open").getACall() or + source = API::moduleImport("tarfile").getMember("TarFile").getACall() or + source = API::moduleImport("bz2").getMember("open").getACall() or + source = API::moduleImport("bz2").getMember("BZ2File").getACall() or + source = API::moduleImport("gzip").getMember("GzipFile").getACall() or + source = API::moduleImport("gzip").getMember("open").getACall() or + source = API::moduleImport("lzma").getMember("open").getACall() or + source = API::moduleImport("lzma").getMember("LZMAFile").getACall() + ) and + not source.getScope().getLocation().getFile().inStdlib() + } + + override predicate isSink(DataFlow::Node sink) { + ( + sink = any(CopyFile copyfile).getAPathArgument() or + sink = any(CopyFile copyfile).getfsrcArgument() + ) and + not sink.getScope().getLocation().getFile().inStdlib() + } +} diff --git a/python/ql/src/qlpack.yml b/python/ql/src/qlpack.yml index 9e4b8141aee..2191541fd4e 100644 --- a/python/ql/src/qlpack.yml +++ b/python/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/python-queries -version: 0.0.12-dev +version: 0.1.0-dev groups: - python - queries diff --git a/python/ql/test/experimental/query-tests/Security/CWE-022/ZipSlip.expected b/python/ql/test/experimental/query-tests/Security/CWE-022/ZipSlip.expected new file mode 100644 index 00000000000..66594b3374e --- /dev/null +++ b/python/ql/test/experimental/query-tests/Security/CWE-022/ZipSlip.expected @@ -0,0 +1,34 @@ +edges +| zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:10:13:10:17 | SSA variable entry | +| zipslip_bad.py:10:13:10:17 | SSA variable entry | zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | +| zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | zipslip_bad.py:16:13:16:17 | SSA variable entry | +| zipslip_bad.py:16:13:16:17 | SSA variable entry | zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | +| zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | zipslip_bad.py:22:13:22:17 | SSA variable entry | +| zipslip_bad.py:22:13:22:17 | SSA variable entry | zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | +| zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | zipslip_bad.py:29:13:29:13 | SSA variable x | +| zipslip_bad.py:29:13:29:13 | SSA variable x | zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | +| zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | zipslip_bad.py:35:9:35:9 | SSA variable x | +| zipslip_bad.py:35:9:35:9 | SSA variable x | zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | +nodes +| zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() | +| zipslip_bad.py:10:13:10:17 | SSA variable entry | semmle.label | SSA variable entry | +| zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry | +| zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() | +| zipslip_bad.py:16:13:16:17 | SSA variable entry | semmle.label | SSA variable entry | +| zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry | +| zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() | +| zipslip_bad.py:22:13:22:17 | SSA variable entry | semmle.label | SSA variable entry | +| zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | semmle.label | ControlFlowNode for entry | +| zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() | +| zipslip_bad.py:29:13:29:13 | SSA variable x | semmle.label | SSA variable x | +| zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | semmle.label | ControlFlowNode for x | +| zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() | +| zipslip_bad.py:35:9:35:9 | SSA variable x | semmle.label | SSA variable x | +| zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | semmle.label | ControlFlowNode for x | +subpaths +#select +| zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | zipslip_bad.py:11:25:11:29 | ControlFlowNode for entry | Extraction of zipfile from $@ | zipslip_bad.py:8:10:8:31 | ControlFlowNode for Attribute() | a potentially untrusted source | +| zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | zipslip_bad.py:17:26:17:30 | ControlFlowNode for entry | Extraction of zipfile from $@ | zipslip_bad.py:14:10:14:28 | ControlFlowNode for Attribute() | a potentially untrusted source | +| zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | zipslip_bad.py:23:29:23:33 | ControlFlowNode for entry | Extraction of zipfile from $@ | zipslip_bad.py:20:10:20:27 | ControlFlowNode for Attribute() | a potentially untrusted source | +| zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | zipslip_bad.py:30:25:30:25 | ControlFlowNode for x | Extraction of zipfile from $@ | zipslip_bad.py:27:10:27:22 | ControlFlowNode for Attribute() | a potentially untrusted source | +| zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | zipslip_bad.py:37:32:37:32 | ControlFlowNode for x | Extraction of zipfile from $@ | zipslip_bad.py:34:16:34:28 | ControlFlowNode for Attribute() | a potentially untrusted source | diff --git a/python/ql/test/experimental/query-tests/Security/CWE-022/ZipSlip.qlref b/python/ql/test/experimental/query-tests/Security/CWE-022/ZipSlip.qlref new file mode 100644 index 00000000000..717dc9d0f10 --- /dev/null +++ b/python/ql/test/experimental/query-tests/Security/CWE-022/ZipSlip.qlref @@ -0,0 +1 @@ +experimental/Security/CWE-022/ZipSlip.ql diff --git a/python/ql/test/experimental/query-tests/Security/CWE-022/zipslip_bad.py b/python/ql/test/experimental/query-tests/Security/CWE-022/zipslip_bad.py new file mode 100644 index 00000000000..c622ead874c --- /dev/null +++ b/python/ql/test/experimental/query-tests/Security/CWE-022/zipslip_bad.py @@ -0,0 +1,39 @@ +import tarfile +import shutil +import bz2 +import gzip +import zipfile + +def unzip(filename): + with tarfile.open(filename) as zipf: + #BAD : This could write any file on the filesystem. + for entry in zipf: + shutil.move(entry, "/tmp/unpack/") + +def unzip1(filename): + with gzip.open(filename) as zipf: + #BAD : This could write any file on the filesystem. + for entry in zipf: + shutil.copy2(entry, "/tmp/unpack/") + +def unzip2(filename): + with bz2.open(filename) as zipf: + #BAD : This could write any file on the filesystem. + for entry in zipf: + shutil.copyfile(entry, "/tmp/unpack/") + +def unzip3(filename): + zf = zipfile.ZipFile(filename) + with zf.namelist() as filelist: + #BAD : This could write any file on the filesystem. + for x in filelist: + shutil.copy(x, "/tmp/unpack/") + +def unzip4(filename): + zf = zipfile.ZipFile(filename) + filelist = zf.namelist() + for x in filelist: + with zf.open(x) as srcf: + shutil.copyfileobj(x, "/tmp/unpack/") + +import tty # to set the import root so we can identify the standard library diff --git a/python/ql/test/experimental/query-tests/Security/CWE-022/zipslip_good.py b/python/ql/test/experimental/query-tests/Security/CWE-022/zipslip_good.py new file mode 100644 index 00000000000..e1a4b9c5f0c --- /dev/null +++ b/python/ql/test/experimental/query-tests/Security/CWE-022/zipslip_good.py @@ -0,0 +1,14 @@ +import zipfile +import tarfile +import shutil + +def unzip(filename, dir): + zf = zipfile.ZipFile(filename) + zf.extractall(dir) + + +def unzip1(filename, dir): + zf = zipfile.ZipFile(filename) + zf.extract(dir) + + diff --git a/ql/ql/src/codeql_ql/ast/Ast.qll b/ql/ql/src/codeql_ql/ast/Ast.qll index 4afc2b1de43..7642279dc59 100644 --- a/ql/ql/src/codeql_ql/ast/Ast.qll +++ b/ql/ql/src/codeql_ql/ast/Ast.qll @@ -79,6 +79,7 @@ class AstNode extends TAstNode { /** Gets an annotation of this AST node. */ Annotation getAnAnnotation() { + not this instanceof Annotation and // avoid cyclic parent-child relationship toQL(this).getParent() = pragma[only_bind_out](toQL(result)).getParent() } @@ -125,6 +126,9 @@ class TopLevel extends TTopLevel, AstNode { /** Gets a `newtype` defined at the top-level of this module. */ NewType getANewType() { result = this.getAMember() } + /** Gets a `select` clause in the top-level of this module. */ + Select getASelect() { result = this.getAMember() } + override ModuleMember getAChild(string pred) { pred = directMember("getAnImport") and result = this.getAnImport() or @@ -137,6 +141,8 @@ class TopLevel extends TTopLevel, AstNode { pred = directMember("getANewType") and result = this.getANewType() or pred = directMember("getQLDoc") and result = this.getQLDoc() + or + pred = directMember("getASelect") and result = this.getASelect() } QLDoc getQLDocFor(ModuleMember m) { @@ -547,6 +553,9 @@ class VarDef extends TVarDef, AstNode { Type getType() { none() } + /** Gets a variable access to this `VarDef` */ + VarAccess getAnAccess() { result.getDeclaration() = this } + override string getAPrimaryQlClass() { result = "VarDef" } override string toString() { result = this.getName() } diff --git a/ql/ql/src/codeql_ql/ast/internal/AstNodeNumbering.qll b/ql/ql/src/codeql_ql/ast/internal/AstNodeNumbering.qll new file mode 100644 index 00000000000..16f93f43207 --- /dev/null +++ b/ql/ql/src/codeql_ql/ast/internal/AstNodeNumbering.qll @@ -0,0 +1,38 @@ +private import codeql_ql.ast.Ast + +pragma[inline] +private predicate isNumberedNode(AstNode node) { + // these are not nested in the location of the parent node, so we can't use their location to order them + not node instanceof Annotation and + not node instanceof QLDoc +} + +private int getNodeDepth(AstNode node) { + node instanceof TopLevel and + result = 0 + or + isNumberedNode(node) and + result = 1 + getNodeDepth(node.getParent()) +} + +/** + * Gets the pre-order ID for the given `node`, that is, its visit position + * in a pre-order traversal of all nodes. + * + * The children of a node are ordered left-to-right as they appear in the source code. + * + * The ID is globally unique for this AST node, also across files. + * + * At the moment this predicate is only defined for node which are: + * - reachable via `getAChild` edges from a `TopLevel`, and + * - is not a comment or annotation + */ +cached +int getPreOrderId(AstNode node) { + node = + rank[result](AstNode n, Location loc, int depth | + depth = getNodeDepth(n) and loc = n.getLocation() + | + n order by loc.getFile().getAbsolutePath(), loc.getStartLine(), loc.getStartColumn(), depth + ) +} diff --git a/ql/ql/src/codeql_ql/ast/internal/AstNodes.qll b/ql/ql/src/codeql_ql/ast/internal/AstNodes.qll index ac06cdd9548..873746e4cb8 100644 --- a/ql/ql/src/codeql_ql/ast/internal/AstNodes.qll +++ b/ql/ql/src/codeql_ql/ast/internal/AstNodes.qll @@ -204,7 +204,7 @@ QL::AstNode toQL(AST::AstNode n) { class TPredicate = TCharPred or TClasslessPredicate or TClassPredicate or TDBRelation or TNewTypeBranch; -class TPredOrBuiltin = TPredicate or TNewTypeBranch or TBuiltin; +class TPredOrBuiltin = TPredicate or TBuiltin; class TBuiltin = TBuiltinClassless or TBuiltinMember; diff --git a/ql/ql/src/codeql_ql/dataflow/DataFlow.qll b/ql/ql/src/codeql_ql/dataflow/DataFlow.qll new file mode 100644 index 00000000000..3f6c4903970 --- /dev/null +++ b/ql/ql/src/codeql_ql/dataflow/DataFlow.qll @@ -0,0 +1,391 @@ +/** + * Experimental library for reasoning about data flow. + * + * Current limitations: + * - Global flow does not reason about subclassing, overriding, and dispatch + * - `this`, `result`, and local field variables are treated less precisely + * than regular variables (see VarScoping.qll) + * - Polarity is not tracked, that is, global flow does not care about negation at all. + */ + +private import codeql_ql.ast.Ast +private import internal.NodesInternal +private import internal.DataFlowNumbering +private import internal.LocalFlow as LocalFlow +private import internal.GlobalFlow as GlobalFlow + +/** + * An expression or variable in a formula, including some additional nodes + * that are not part of the AST. + * + * Nodes that are locally bound together by equalities are clustered into a "super node", + * which can be accessed using `getSuperNode()`. There is usually no reason to use `Node` directly + * other than to reason about what kind of node is contained in a super node. + * + * To reason about global data flow, use `SuperNode.track()`. + */ +class Node extends TNode { + /** Gets a string representation of this element. */ + string toString() { none() } // overridden in subclasses + + /** Gets the location of element. */ + Location getLocation() { none() } // overridden in subclasses + + /** + * Gets the underlying `Expr` or `VarDef` node, if this is an `AstNodeNode`. + */ + AstNode asAstNode() { astNode(result) = this } + + /** + * Gets the predicate containing this data-flow node. + * + * All data-flow nodes belong in exactly one predicate. + * TODO: select clauses + */ + Predicate getEnclosingPredicate() { none() } // overridden in subclasses + + /** + * Gets the collection of data-flow nodes locally bound by equalities, represented + * by a "super node". + * + * Super nodes are the medium through which to propagate data-flow information globally. + */ + SuperNode getSuperNode() { result.getANode() = this } +} + +/** + * A data-flow node based an `Expr` or `VarDef` AST node. + */ +class AstNodeNode extends Node, MkAstNodeNode { + private AstNode ast; + + AstNodeNode() { this = MkAstNodeNode(ast) } + + override string toString() { result = ast.toString() } + + override Location getLocation() { result = ast.getLocation() } + + /** Gets the AST node. */ + AstNode getAstNode() { result = ast } + + override Predicate getEnclosingPredicate() { result = ast.getEnclosingPredicate() } +} + +/** + * Gets the data-flow node correspoinding to the given AST node. + */ +pragma[inline] +Node astNode(AstNode node) { result = MkAstNodeNode(node) } + +/** + * A data-flow node representing a variable within a specific scope. + */ +class ScopedVariableNode extends Node, MkScopedVariable { + private VarDef var; + private AstNode scope; + + ScopedVariableNode() { this = MkScopedVariable(var, scope) } + + override string toString() { + result = + "Variable '" + var.getName() + "' scoped to " + scope.getLocation().getStartLine() + ":" + + scope.getLocation().getStartColumn() + } + + override Location getLocation() { result = scope.getLocation() } + + /** Gets the variable being refined to a specific scope. */ + VarDef getVariable() { result = var } + + /** Gets the scope to which this variable has been refined. */ + AstNode getScope() { result = scope } + + override Predicate getEnclosingPredicate() { result = var.getEnclosingPredicate() } +} + +/** + * Gets the data-flow node corresponding to `var` restricted to `scope`. + */ +pragma[inline] +Node scopedVariable(VarDef var, AstNode scope) { result = MkScopedVariable(var, scope) } + +/** + * A data-flow node representing `this` within a class predicate, charpred, or newtype branch. + */ +class ThisNode extends Node, MkThisNode { + private Predicate pred; + + ThisNode() { this = MkThisNode(pred) } + + override string toString() { result = "'this' in " + pred.getName() } + + override Location getLocation() { result = pred.getLocation() } + + /** Gets the class predicate, charpred, or newtype branch whose 'this' parameter is represented by this node. */ + Predicate getPredicate() { result = pred } + + override Predicate getEnclosingPredicate() { result = pred } +} + +/** + * Gets the data-flow node representing `this` within the given class predicate, charpred, or newtype branch. + */ +pragma[inline] +Node thisNode(Predicate pred) { result = MkThisNode(pred) } + +/** + * A data-flow node representing `result` within a predicate that has a result. + */ +class ResultNode extends Node, MkResultNode { + private Predicate pred; + + ResultNode() { this = MkResultNode(pred) } + + override string toString() { result = "'result' in " + pred.getName() } + + override Location getLocation() { result = pred.getLocation() } + + /** Gets the predicate whose 'result' parameter is represented by this node. */ + Predicate getPredicate() { result = pred } + + override Predicate getEnclosingPredicate() { result = pred } +} + +/** + * Gets the data-flow node representing `result` within the given predicate. + */ +pragma[inline] +Node resultNode(Predicate pred) { result = MkResultNode(pred) } + +/** + * A data-flow node representing the view of a field in the enclosing class, as seen + * from a charpred or class predicate. + */ +class FieldNode extends Node, MkFieldNode { + private Predicate pred; + private FieldDecl fieldDecl; + + FieldNode() { this = MkFieldNode(pred, fieldDecl) } + + /** Gets the member predicate or charpred for which this node represents access to the field. */ + Predicate getPredicate() { result = pred } + + /** Gets the declaration of the field. */ + FieldDecl getFieldDeclaration() { result = fieldDecl } + + /** Gets the name of the field. */ + string getFieldName() { result = fieldDecl.getName() } + + override string toString() { result = "'" + this.getFieldName() + "' in " + pred.getName() } + + override Location getLocation() { result = pred.getLocation() } + + override Predicate getEnclosingPredicate() { result = pred } +} + +/** + * Gets the data-flow node representing the given predicate's view of the given field + * in the enclosing class. + */ +pragma[inline] +Node fieldNode(Predicate pred, FieldDecl fieldDecl) { result = MkFieldNode(pred, fieldDecl) } + +/** + * A collection of data-flow nodes in the same predicate, locally bound by equalities. + * + * To reason about global data flow, use `SuperNode.track()`. + */ +class SuperNode extends LocalFlow::TSuperNode { + private int repr; + + SuperNode() { this = LocalFlow::MkSuperNode(repr) } + + /** Gets a data-flow node that is part of this super node. */ + Node getANode() { LocalFlow::getRepr(result) = repr } + + /** Gets an AST node from any of the nodes in this super node. */ + AstNode asAstNode() { result = getANode().asAstNode() } + + /** + * Gets a single node from this super node. + * + * The node is arbitrary and the caller should not rely on how the node is chosen. + * The node is currently chosen such that: + * - An `AstNodeNode` is preferred over other nodes. + * - A node occuring earlier is preferred over one occurring later. + */ + Node getArbitraryRepr() { result = min(Node n | n = getANode() | n order by getInternalId(n)) } + + /** + * Gets the predicate containing all nodes that are part of this super node. + */ + Predicate getEnclosingPredicate() { result = getANode().getEnclosingPredicate() } + + /** Gets a string representation of this super node. */ + string toString() { + exists(int c | + c = strictcount(getANode()) and + result = "Super node of " + c + " nodes in " + getEnclosingPredicate().getName() + ) + } + + /** Gets the location of an arbitrary node in this super node. */ + Location getLocation() { result = getArbitraryRepr().getLocation() } + + /** Gets any member call whose receiver is in the same super node. */ + MemberCall getALocalMemberCall() { superNode(result.getBase()) = this } + + /** Gets any member call whose receiver is in the same super node. */ + MemberCall getALocalMemberCall(string name) { + result = this.getALocalMemberCall() and + result.getMemberName() = name + } + + /** + * Gets a node that this node may "flow to" after one step. + * + * Basic usage of `track()` to track some expressions looks like this: + * ``` + * DataFlow::SuperNode myThing(DataFlow::Tracker t) { + * t.start() and + * result = DataFlow::superNode(< some ast node >) + * or + * exists (DataFlow::Tracker t2 | + * result = myThing(t2).track(t2, t) + * ) + * } + * + * DataFlow::SuperNode myThing() { result = myThing(DataFlow::Tracker::end()) } + * ``` + */ + pragma[inline] + SuperNode track(Tracker t1, Tracker t2) { + // Return state -> return state + // Store the return edge in t2 + not t1.hasCall() and + GlobalFlow::directedEdgeSuper(result, this, t2) + or + // Call state or initial state -> call state + t1.hasCallOrIsStart() and + t2.hasCall() and + GlobalFlow::directedEdgeSuper(this, result, _) + or + // Return state -> call state + // The last-used return edge must not be used as the initial call edge + // (doing so would allow returning out of a disjunction and into another branch of that disjunction) + not t1.hasCall() and + t2.hasCall() and + exists(GlobalFlow::EdgeLabel edge | + GlobalFlow::directedEdgeSuper(this, result, edge) and + edge != t1 + ) + } + + /** + * Gets node containing a string flowing to this node via `t`. + */ + cached + private string getAStringValue(Tracker t) { + t.start() and + result = asAstNode().(String).getValue() + or + exists(SuperNode pred, Tracker t2 | + this = pred.track(t2, t) and + result = pred.getAStringValue(t2) + ) + or + // Step through calls to a few built-ins that don't cause a blow-up + exists(SuperNode pred, string methodName, string oldValue | + this.asAstNode() = pred.getALocalMemberCall(methodName) and + oldValue = pred.getAStringValue(t) + | + methodName = "toLowerCase" and + result = oldValue.toLowerCase() + or + methodName = "toUpperCase" and + result = oldValue.toUpperCase() + ) + } + + /** Gets a string constant that may flow here (possibly from a caller context). */ + pragma[inline] + string getAStringValue() { result = this.getAStringValue(Tracker::end()) } + + /** Gets a string constant that may flow here, possibly out of callees, but not from caller contexts. */ + pragma[inline] + string getAStringValueNoCall() { result = this.getAStringValue(Tracker::endNoCall()) } + + /** + * Gets a string constant that may flow here, which can safely be combined with another + * value that was tracked here with `otherT`. + * + * This is under-approximate and will fail to accept valid matches when both values + * came in from the same chain of calls. + */ + bindingset[otherT] + string getAStringValueForContext(Tracker otherT) { + exists(Tracker stringT | + result = this.getAStringValue(stringT) and + otherT.isSafeToCombineWith(stringT) + ) + } +} + +/** Gets the super node for the given AST node. */ +pragma[inline] +SuperNode superNode(AstNode node) { result = astNode(node).getSuperNode() } + +/** + * A summary of the steps needed to reach a node in the global data flow graph, + * to be used in combination with `SuperNode.track`. + */ +class Tracker extends GlobalFlow::TEdgeLabelOrTrackerState { + /** Holds if this is the starting point, that is, the summary of the empty path. */ + predicate start() { this = GlobalFlow::MkNoEdge() } + + /** Holds if a call step has been used (possibly preceeded by return steps). */ + predicate hasCall() { this = GlobalFlow::MkHasCall() } + + /** Holds if either `start()` or `hasCall()` holds */ + predicate hasCallOrIsStart() { this.start() or this.hasCall() } + + /** + * Holds if the two trackers are safe to combine, in the sense that + * they don't make contradictory assumptions what context they're in. + * + * This is approximate and will reject any pair of trackers that have + * both used a call or locally came from the same disjunction. + */ + pragma[inline] + predicate isSafeToCombineWith(Tracker other) { + not ( + // Both values came from a call, they could come from different call sites. + this.hasCall() and + other.hasCall() + or + // Both values came from the same disjunction, they could come from different branches. + this = other and + this instanceof GlobalFlow::MkDisjunction + ) + } + + /** Gets a string representation of this element. */ + string toString() { + this instanceof GlobalFlow::MkNoEdge and + result = "Tracker in initial state" + or + this instanceof GlobalFlow::MkHasCall and + result = "Tracker with calls" + or + this instanceof GlobalFlow::EdgeLabel and + result = "Tracker with return step out of " + this.(GlobalFlow::EdgeLabel).toString() + } +} + +module Tracker { + /** Gets a valid end-point for tracking. */ + Tracker end() { any() } + + /** Gets a valid end-point for tracking where no calls were used. */ + Tracker endNoCall() { not result.hasCall() } +} diff --git a/ql/ql/src/codeql_ql/dataflow/internal/DataFlowNumbering.qll b/ql/ql/src/codeql_ql/dataflow/internal/DataFlowNumbering.qll new file mode 100644 index 00000000000..13d9bc88846 --- /dev/null +++ b/ql/ql/src/codeql_ql/dataflow/internal/DataFlowNumbering.qll @@ -0,0 +1,51 @@ +private import codeql_ql.ast.Ast +private import codeql_ql.ast.internal.AstNodeNumbering +private import NodesInternal + +/** An arbitrary total ordering of data-flow nodes. */ +private predicate internalOrderingKey(TNode node, int tag, int field1, int field2) { + exists(AstNode ast | + node = MkAstNodeNode(ast) and + tag = 0 and + field1 = getPreOrderId(ast) and + field2 = 0 + ) + or + exists(VarDef var, Formula scope | + node = MkScopedVariable(var, scope) and + tag = 1 and + field1 = getPreOrderId(var) and + field2 = getPreOrderId(scope) + ) + or + exists(Predicate pred | + node = MkThisNode(pred) and + tag = 2 and + field1 = getPreOrderId(pred) and + field2 = 0 + ) + or + exists(Predicate pred | + node = MkResultNode(pred) and + tag = 3 and + field1 = getPreOrderId(pred) and + field2 = 0 + ) + or + exists(Predicate pred, FieldDecl fieldDecl | + node = MkFieldNode(pred, fieldDecl) and + tag = 4 and + field1 = getPreOrderId(pred) and + field2 = getPreOrderId(fieldDecl) + ) +} + +/** Gets an integer unique to `node`. */ +int getInternalId(TNode node) { + node = + rank[result](TNode n, int tag, int field1, int field2 | + internalOrderingKey(n, tag, field1, field2) + | + n order by tag, field1, field2 + ) +} diff --git a/ql/ql/src/codeql_ql/dataflow/internal/GlobalFlow.qll b/ql/ql/src/codeql_ql/dataflow/internal/GlobalFlow.qll new file mode 100644 index 00000000000..fbc3e0044fd --- /dev/null +++ b/ql/ql/src/codeql_ql/dataflow/internal/GlobalFlow.qll @@ -0,0 +1,242 @@ +/** + * Models global flow, that is, flow between predicates and across disjunctions. + * + * We say an expression `A` "flows to" another expression `B` if some series of transformations + * would move/copy them into the same conjunction, where they are bound by equality (or are the same variable). + * + * The transformations permitted are: + * - Apply distributive law to lift a disjunction out: `A and (B or C) -> (A and B) or (A and C)` + * - Inline a predicate call. + * + * Both of these tend to copy expressions, and we just ask if some copy of `A` and some copy of `B` could + * end up in the same place. + * + * For example, `A` flows to both `B` and `C`, but `B` does not flow to `C`: + * ``` + * x = A and (x = B or x = C) + * --> + * (x = A and x = B) or (x = A and x = C) + * ``` + * + * We don't actually perform these exponential-cost transformations, we just use them to specify what "flow" means. + * + * The problem of determining which expression flows where is reduced to a graph problem. + * The edges in the graph represent inlining of a predicate or lifting of a disjunction. + * The resulting graph is similar to the call/return edges from procedural languages, but with a + * few tweaks -- see `EdgeLabel`. + * + * Note that the "flows to" relation is symmetric, but variations like "flows to using call steps" are not. + * So we use the term "flows to" rather than a more naturally symmetric term like "unifiable with". + */ + +private import codeql_ql.ast.Ast +private import codeql_ql.dataflow.DataFlow +private import VarScoping + +cached +private module Cached { + /** + * An edge or a `Tracker` state. + * + * An edge represents a call site or a disjunction, and a `Tracker` state is an + * edge or one of the special values `NoEdge` or `HasCall`. + * + * The tracker state could be defined as + * ``` + * newtype TTracker = MkReturn(TEdgeLabel edge) or MkNoEdge() or MkHasCall() + * ``` + * but for efficiency, `TTracker` and `TEdgeLabel` have been merged. + */ + cached + newtype TEdgeLabelOrTrackerState = + MkCall(Call call) or + MkMemberToCharPred(ClassPredicate p) or // implicit call to charpred in a member predicate + MkTypeToCharPred(TypeExpr t) or // implicit call to charpred from a type annotation + MkDisjunction(DisjunctionOperator disj) or // "call" into a disjunction branch + MkNoEdge() or + MkHasCall() + + /** + * Label for a directed edge (see `EdgeLabel` class). + */ + class TEdgeLabel = MkCall or MkMemberToCharPred or MkTypeToCharPred or MkDisjunction; + + /** + * Holds if `argument` is passed to `parameter` via an edge of the given `edge`. + */ + cached + predicate directedEdge(Node argument, Node parameter, EdgeLabel edge) { + // Argument-passing via an explicit call + exists(Call call, Predicate target | + call.getTarget() = target and + edge = EdgeLabel::call(call) + | + exists(int i | + argument = astNode(call.getArgument(i)) and + parameter = astNode(target.getParameter(i)) + ) + or + argument = astNode(call.(MemberCall).getBase()) and + parameter = thisNode(target) + or + argument = astNode(call) and + parameter = resultNode(target) + ) + or + // Implicit charpred call in member predicate: passes `this` and each field to the charpred + exists(Class cls, ClassPredicate p | + p = cls.getAClassPredicate() and + edge = EdgeLabel::memberToCharPred(p) + | + argument = thisNode(p) and + parameter = thisNode(cls.getCharPred()) + or + exists(FieldDecl fieldDecl | + argument = fieldNode(p, fieldDecl) and + parameter = fieldNode(cls.getCharPred(), fieldDecl) + ) + ) + or + // Type test passes the tested value to the charpred of the type + exists(TypeExpr type | + edge = EdgeLabel::typeToCharPred(type) and + parameter = thisNode(type.getResolvedType().getDeclaration().(Class).getCharPred()) + | + exists(VarDecl var | + argument = [scopedVariable(var, _), astNode(var)] and + type = var.getTypeExpr() + ) + or + exists(Predicate p | + argument = resultNode(p) and + type = p.getReturnTypeExpr() + ) + or + exists(InlineCast cast | + argument = astNode(cast.getBase()) and + type = cast.getTypeExpr() + ) + or + exists(InstanceOf expr | + argument = astNode(expr.getExpr()) and + type = expr.getType() + ) + ) + or + // Flow between differently-scoped copies of the same variable, going into a disjunction + exists(VarDef var, AstNode inner, AstNode outer, DisjunctionOperator disjunction | + isRefinement(var, inner, outer) and + disjunction.getAnOperand() = inner and + edge = EdgeLabel::disjunction(disjunction) + | + // Scoped variable to an inner scoped variable + argument = scopedVariable(var, outer) and + parameter = scopedVariable(var, inner) and + // Avoid loop edge when a VarAccess is also a disjunct (because it's an element of a set literal) + argument != parameter + or + // VarDef to a scoped variable + outer = getVarDefScope(var) and + argument = astNode(var) and + parameter = scopedVariable(var, inner) + ) + or + // Flow into a set literal, similar to flow into disjunctions. + // If we consider a desugared set literal, `[x,y] -> any(T v | v = x or v = y)`, this edge + // corresponds to the edges going from `T v` to its scoped variables. + exists(Set set | + edge = EdgeLabel::disjunction(set) and + argument = astNode(set) and + parameter = astNode(set.getAnElement()) + ) + } + + /** + * Holds if `argument` is passed to `parameter` via an edge of the given `kind`. + * + * This is identical to `directedEdge` where the operands are mapped to their super nodes. + */ + cached + predicate directedEdgeSuper(SuperNode argument, SuperNode parameter, EdgeLabel edge) { + directedEdge(argument.getANode(), parameter.getANode(), edge) + } +} + +import Cached + +/** + * Label for a directed edge. + * + * This is either a call (implicit or explicit) or a disjunction. + * + * All edges are considered "call" edges in their default orientation (even disjunction edges). + * Flipping an edge turns it into a "return" edge (there is no separate label for return edges). + * + * Data flow allows any number of return edges followed by any number of call edges, + * with this additional rule: + * + * - The first call edge must not have the same label as the last return edge. + * + * The above rule is the reason this class exists. + * + * - The rule ensures flow cannot step out of a disjunction, and then + * into another branch of the same disjunction (because they'd use the same label). + * + * - A byproduct of the rule is that we cannot step directly into the call edge we just came from. + * We lose no real flow from this, as the flow direction can just flip one step earlier. + * + * - It would not be enough to only enforce this for disjunction edges, because it would + * allow the path to "reset" its last-used edge by stepping out of a call and + * immediately back in again (the kind of flow mentioned above). + */ +class EdgeLabel extends TEdgeLabel { + /** Gets a location associated with this edge label. */ + Location getLocation() { + exists(Call call | this = EdgeLabel::call(call) | result = call.getLocation()) + or + exists(ClassPredicate p | this = EdgeLabel::memberToCharPred(p) | result = p.getLocation()) + or + exists(TypeExpr t | this = EdgeLabel::typeToCharPred(t) | result = t.getLocation()) + or + exists(DisjunctionOperator disj | this = EdgeLabel::disjunction(disj) | + result = disj.getLocation() + ) + } + + /** Gets a string representation of this edge label. */ + string toString() { + exists(Call call | this = EdgeLabel::call(call) | + result = + call.toString() + ":" + call.getLocation().getStartLine() + ":" + + call.getLocation().getStartColumn() + ) + or + exists(ClassPredicate p | this = EdgeLabel::memberToCharPred(p) | + result = "MemberToCharPred call from " + p.getName() + ) + or + exists(TypeExpr t | this = EdgeLabel::typeToCharPred(t) | + result = "TypeToCharPred call from " + t.getResolvedType().getName() + ) + or + exists(DisjunctionOperator disj | this = EdgeLabel::disjunction(disj) | + result = + disj.toString() + ":" + disj.getLocation().getStartLine() + ":" + + disj.getLocation().getStartColumn() + ) + } +} + +module EdgeLabel { + /** Gets the edge label representing the given explicit call. */ + EdgeLabel call(Call call) { result = MkCall(call) } + + /** Gets the edge label for the implicit call to the charpred in a member predicate. */ + EdgeLabel memberToCharPred(ClassPredicate p) { result = MkMemberToCharPred(p) } + + /** Gets the edge label for the implicit call to the charpred from a type annotation. */ + EdgeLabel typeToCharPred(TypeExpr t) { result = MkTypeToCharPred(t) } + + /** Gets the edge label for the edge stepping into the given disjunction. */ + EdgeLabel disjunction(DisjunctionOperator disj) { result = MkDisjunction(disj) } +} diff --git a/ql/ql/src/codeql_ql/dataflow/internal/LocalFlow.qll b/ql/ql/src/codeql_ql/dataflow/internal/LocalFlow.qll new file mode 100644 index 00000000000..c58f9dedb32 --- /dev/null +++ b/ql/ql/src/codeql_ql/dataflow/internal/LocalFlow.qll @@ -0,0 +1,102 @@ +/** + * Models local flow edges. Each equivalence class in the local flow relation becomes a super node. + */ + +private import codeql_ql.dataflow.DataFlow +private import codeql_ql.ast.Ast +private import codeql_ql.ast.internal.AstNodeNumbering +private import NodesInternal +private import VarScoping +private import DataFlowNumbering + +private module Cached { + /** + * Holds if `x` and `y` are bound by an equality (intra-predicate only). + * + * This edge has no orientation, and is used to construct the equivalence relation. + * Each equivalence class becomes a `SuperNode`. + */ + private predicate localEdge(Node x, Node y) { + exists(AstNode a, AstNode b | + x = astNode(a) and + y = astNode(b) + | + // x ~ any(x) + a = b.(Any).getExpr(0) + or + // v ~ any(T v) + a = b.(Any).getArgument(0) + or + // x ~ x as VAR + a = b.(AsExpr).getInnerExpr() + or + // x ~ x.(Type) + a = b.(InlineCast).getBase() + or + // x = y ==> x ~ y + exists(ComparisonFormula compare | + compare.getOperator() = "=" and + a = compare.getLeftOperand() and + b = compare.getRightOperand() + ) + ) + or + // VarAccess -> ScopedVariable + exists(VarDef var, VarAccess access, VarAccessOrDisjunct scope | + isRefinement(var, access, scope) and + x = astNode(access) and + y = scopedVariable(var, scope) + ) + or + // VarAccess -> VarDef (if no refinement exists) + exists(VarDef var, VarAccess access | + isRefinement(var, access, getVarDefScope(var)) and + x = astNode(access) and + y = astNode(var) + ) + or + // result ~ enclosing 'result' node + x = resultNode(y.(AstNodeNode).getAstNode().(ResultAccess).getEnclosingPredicate()) + or + // this ~ enclosing 'this' node + x = thisNode(y.(AstNodeNode).getAstNode().(ThisAccess).getEnclosingPredicate()) + or + // f ~ enclosing field node for 'f' + exists(FieldAccess access | + x = astNode(access) and + y = fieldNode(access.getEnclosingPredicate(), access.getDeclaration()) + ) + or + // field declaration ~ field node in the charpred + exists(FieldDecl field, Class cls | + cls.getAField() = field and + x = astNode(field.getVarDecl()) and + y = fieldNode(cls.getCharPred(), field) + ) + } + + /** Like `localEdge` but the parameters are mapped to their internal ID. */ + private predicate rawLocalEdge(int x, int y) { + exists(Node a, Node b | + localEdge(a, b) and + x = getInternalId(a) and + y = getInternalId(b) + ) + or + // Ensure a representative is generated for singleton components + x = getInternalId(_) and + y = x + } + + /** Gets the representative for the equivalence class containing the node with ID `x`. */ + private int getRawRepr(int x) = equivalenceRelation(rawLocalEdge/2)(x, result) + + /** Gets the ID for the equivalence class containing `node`. */ + cached + int getRepr(Node node) { result = getRawRepr(getInternalId(node)) } + + cached + newtype TSuperNode = MkSuperNode(int repr) { repr = getRepr(_) } +} + +import Cached diff --git a/ql/ql/src/codeql_ql/dataflow/internal/NodesInternal.qll b/ql/ql/src/codeql_ql/dataflow/internal/NodesInternal.qll new file mode 100644 index 00000000000..399e43eced3 --- /dev/null +++ b/ql/ql/src/codeql_ql/dataflow/internal/NodesInternal.qll @@ -0,0 +1,24 @@ +private import codeql_ql.ast.Ast +private import VarScoping + +newtype TNode = + MkAstNodeNode(AstNode node) { + node instanceof Expr or + node instanceof VarDef + } or + MkScopedVariable(VarDef var, AstNode scope) { + isRefinement(var, _, scope) and + not scope = getVarDefScope(var) + } or + MkThisNode(Predicate pred) { + pred instanceof ClassPredicate or + pred instanceof CharPred or + pred instanceof NewTypeBranch + } or + MkResultNode(Predicate pred) { exists(pred.getReturnTypeExpr()) } or + MkFieldNode(Predicate pred, FieldDecl fieldDecl) { + // TODO: should this be omitted when the field is not referenced? + fieldDecl.getVarDecl() = pred.(ClassPredicate).getDeclaringType().getField(_) + or + fieldDecl.getVarDecl() = pred.(CharPred).getDeclaringType().getField(_) + } diff --git a/ql/ql/src/codeql_ql/dataflow/internal/VarScoping.qll b/ql/ql/src/codeql_ql/dataflow/internal/VarScoping.qll new file mode 100644 index 00000000000..830a52b008b --- /dev/null +++ b/ql/ql/src/codeql_ql/dataflow/internal/VarScoping.qll @@ -0,0 +1,115 @@ +/** + * Computes scopes in which it is safe to unify all uses of a given variable. + * + * It is not accurate to unify variables across a disjunction, so the scope of a variable + * is restricted to its nearest enclosing disjunction operand ("disjunct"). + * At such a disjunct, we introduce a "refinement" of the variable, which is seen as a + * redefinition of the variable within that disjunct. + * + * In principle this should also be done for `this`, `result`, and local field variables + * but currently it is not. + */ + +private import codeql_ql.ast.Ast +private import codeql_ql.ast.internal.AstNodeNumbering + +/** Gets the disjunction immediately containing another disjunction `inner`. */ +private Disjunction getOuterDisjunction(Disjunction inner) { result.getAnOperand() = inner } + +/** + * Get the root of a disjunction tree containing `f`, if any. + */ +private Disjunction getRootDisjunction(Disjunction f) { + not exists(getOuterDisjunction(result)) and + result = getOuterDisjunction(f) + or + result = getRootDisjunction(getOuterDisjunction(f)) +} + +/** Get the root disjunction for `f` if there is one, other gets `f` itself. */ +pragma[inline] +private AstNode tryGetRootDisjunction(AstNode f) { + result = getRootDisjunction(f) + or + not exists(getRootDisjunction(f)) and + result = f +} + +AstNode getADisjunctionOperand(AstNode disjunction) { + exists(Disjunction d | + result = d.getAnOperand() and + // skip intermediate nodes in large disjunctions + disjunction = tryGetRootDisjunction(d) and + not result instanceof Disjunction + ) + or + result = disjunction.(Implication).getAChild() + or + result = disjunction.(IfFormula).getThenPart() + or + result = disjunction.(IfFormula).getElsePart() + or + exists(Forall all | + disjunction = all and + exists(all.getFormula()) and + exists(all.getRange()) and + result = [all.getRange(), all.getFormula()] + ) + or + result = disjunction.(Set).getAnElement() +} + +/** + * A node that acts as a disjunction: + * - The root in a tree of `or` operators, or + * - An `implies`, `if`, `forall`, or set literal. + */ +class DisjunctionOperator extends AstNode { + DisjunctionOperator() { exists(getADisjunctionOperand(this)) } + + AstNode getAnOperand() { result = getADisjunctionOperand(this) } +} + +/** + * Gets the scope of `var`, such as the predicate or `exists` clause that binds it. + */ +AstNode getVarDefScope(VarDef var) { + // TODO: not valid for `as` expressions + result = var.getParent() +} + +/** A `VarAccess` or disjunct, representing the input to refinement of a variable. */ +class VarAccessOrDisjunct = AstNode; + +/** + * Walks upwards from an access to `varDef` until encountering either the scope of `varDef` + * or a disjunct. When a disjunct is found, the disjunct becomes the new `access`, representing + * a refinement we intend to insert there. + */ +private AstNode getVarScope(VarDef varDef, VarAccessOrDisjunct access) { + access.(VarAccess).getDeclaration() = varDef and + result = access + or + exists(AstNode scope | scope = getVarScope(varDef, access) | + not scope = getADisjunctionOperand(_) and + not scope = getVarDefScope(varDef) and + result = scope.getParent() + ) + or + isRefinement(varDef, _, access) and + result = tryGetRootDisjunction(access.getParent()) +} + +/** + * Holds if `inner` should be seen as a refinement of `outer`. + * + * `outer` is always a disjunct, and `inner` is either a `VarAccess` or another disjunct. + */ +predicate isRefinement(VarDef varDef, VarAccessOrDisjunct inner, VarAccessOrDisjunct outer) { + getVarScope(varDef, inner) = outer and + ( + outer = getADisjunctionOperand(_) + or + outer = getVarDefScope(varDef) + ) +} diff --git a/ql/ql/src/queries/reports/FrameworkCoverage.ql b/ql/ql/src/queries/reports/FrameworkCoverage.ql new file mode 100644 index 00000000000..7f5eb7f5310 --- /dev/null +++ b/ql/ql/src/queries/reports/FrameworkCoverage.ql @@ -0,0 +1,104 @@ +/** + * An experimental and incomplete query for measuring framework coverage + * for models implemented in CodeQL. + * + * Currently only supports JavaScript models, and simply lists the package names + * alongside the named features accessed on such a package. + */ + +import ql +import codeql_ql.ast.internal.AstNodes +import codeql_ql.dataflow.DataFlow as DataFlow + +predicate isExcludedFile(File file) { + file.getAbsolutePath().matches(["%ql/experimental/%", "%ql/test/%"]) +} + +class PackageImportCall extends PredicateCall { + PackageImportCall() { + this.getQualifier().getName() = ["API", "DataFlow"] and + this.getPredicateName() = ["moduleImport", "moduleMember"] and + not isExcludedFile(getLocation().getFile()) + } + + /** Gets the name of a package referenced by this call */ + string getAPackageName() { result = DataFlow::superNode(getArgument(0)).getAStringValueNoCall() } +} + +/** Gets a reference to `package` or any transitive member thereof. */ +DataFlow::SuperNode getADerivedRef(string package, DataFlow::Tracker t) { + t.start() and + result.asAstNode().(PackageImportCall).getAPackageName() = package + or + exists(DataFlow::Tracker t2 | result = getADerivedRef(package, t2).track(t2, t)) + or + result.asAstNode() = getADerivedCall(package, t) +} + +/** Gets a call which models some aspect of `package`. */ +MemberCall getADerivedCall(string package, DataFlow::Tracker t) { + result = getADerivedRef(package, t).getALocalMemberCall() and + not result.(Expr).getType().getName() = ["int", "string"] +} + +/** + * Gets an expression whose string-value is the name of a member accessed from `package`, + * where the underlying package node was tracked here using `t`. + */ +Expr getAFeatureUse(string package, DataFlow::Tracker t) { + exists(MemberCall call | call = getADerivedCall(package, t) | + call.getMemberName() = + [ + "getMember", "getAPropertyRead", "getAPropertyWrite", "getAPropertyReference", + "getAPropertySource", "getAMethodCall", "getAMemberCall" + ] and + result = call.getArgument(0) + or + call.getMemberName() = "getOptionArgument" and + result = call.getArgument(1) + ) + or + t.start() and + exists(PackageImportCall call | + call.getAPackageName() = package and + call.getPredicateName() = "moduleMember" and + result = call.getArgument(1) + ) +} + +/** + * Gets the name of a feature accessed as `use`. + */ +string getAFeatureName(string package, Expr use) { + exists(DataFlow::Tracker t | + use = getAFeatureUse(package, t) and + result = DataFlow::superNode(use).getAStringValueForContext(t) + ) +} + +query predicate packageFeatures(string package, string features) { + // TODO: 'express' still missing features from request objects - likely subclassing-related + package = any(PackageImportCall call).getAPackageName() and + features = concat(getAFeatureName(package, _), ", ") +} + +/** Holds if `cls` extends an abstract class from another file. */ +predicate isCrossFileContribution(Class cls) { + exists(Class sup | + cls.getASuperType().getResolvedType().getDeclaration() = sup and + sup.isAbstract() and + sup.getLocation().getFile() != cls.getLocation().getFile() + ) +} + +query predicate packageConcepts(string package, Class concept) { + package = any(PackageImportCall call).getAPackageName() and + getADerivedRef(package, DataFlow::Tracker::endNoCall()).getANode() = + DataFlow::thisNode(concept.getCharPred()) and + isCrossFileContribution(concept) +} + +query predicate importWithoutPackageName(PackageImportCall call, string path) { + not exists(call.getAPackageName()) and + path = call.getLocation().getFile().getRelativePath() +} diff --git a/ql/ql/test/TestUtilities/InlineExpectationsTest.qll b/ql/ql/test/TestUtilities/InlineExpectationsTest.qll new file mode 100644 index 00000000000..a4d264b2703 --- /dev/null +++ b/ql/ql/test/TestUtilities/InlineExpectationsTest.qll @@ -0,0 +1,365 @@ +/** + * Provides a library for writing QL tests whose success or failure is based on expected results + * embedded in the test source code as comments, rather than the contents of an `.expected` file + * (in that the `.expected` file should always be empty). + * + * To add this framework to a new language: + * - Add a file `InlineExpectationsTestPrivate.qll` that defines a `ExpectationComment` class. This class + * must support a `getContents` method that returns the contents of the given comment, _excluding_ + * the comment indicator itself. It should also define `toString` and `getLocation` as usual. + * + * To create a new inline expectations test: + * - Declare a class that extends `InlineExpectationsTest`. In the characteristic predicate of the + * new class, bind `this` to a unique string (usually the name of the test). + * - Override the `hasActualResult()` predicate to produce the actual results of the query. For each + * result, specify a `Location`, a text description of the element for which the result was + * reported, a short string to serve as the tag to identify expected results for this test, and the + * expected value of the result. + * - Override `getARelevantTag()` to return the set of tags that can be produced by + * `hasActualResult()`. Often this is just a single tag. + * + * Example: + * ```ql + * class ConstantValueTest extends InlineExpectationsTest { + * ConstantValueTest() { this = "ConstantValueTest" } + * + * override string getARelevantTag() { + * // We only use one tag for this test. + * result = "const" + * } + * + * override predicate hasActualResult( + * Location location, string element, string tag, string value + * ) { + * exists(Expr e | + * tag = "const" and // The tag for this test. + * value = e.getValue() and // The expected value. Will only hold for constant expressions. + * location = e.getLocation() and // The location of the result to be reported. + * element = e.toString() // The display text for the result. + * ) + * } + * } + * ``` + * + * There is no need to write a `select` clause or query predicate. All of the differences between + * expected results and actual results will be reported in the `failures()` query predicate. + * + * To annotate the test source code with an expected result, place a comment starting with a `$` on the + * same line as the expected result, with text of the following format as the body of the comment: + * + * `tag=expected-value` + * + * Where `tag` is the value of the `tag` parameter from `hasActualResult()`, and `expected-value` is + * the value of the `value` parameter from `hasActualResult()`. The `=expected-value` portion may be + * omitted, in which case `expected-value` is treated as the empty string. Multiple expectations may + * be placed in the same comment. Any actual result that + * appears on a line that does not contain a matching expected result comment will be reported with + * a message of the form "Unexpected result: tag=value". Any expected result comment for which there + * is no matching actual result will be reported with a message of the form + * "Missing result: tag=expected-value". + * + * Example: + * ```cpp + * int i = x + 5; // $ const=5 + * int j = y + (7 - 3) // $ const=7 const=3 const=4 // The result of the subtraction is a constant. + * ``` + * + * For tests that contain known missing and spurious results, it is possible to further + * annotate that a particular expected result is known to be spurious, or that a particular + * missing result is known to be missing: + * + * `$ SPURIOUS: tag=expected-value` // Spurious result + * `$ MISSING: tag=expected-value` // Missing result + * + * A spurious expectation is treated as any other expected result, except that if there is no + * matching actual result, the message will be of the form "Fixed spurious result: tag=value". A + * missing expectation is treated as if there were no expected result, except that if a + * matching expected result is found, the message will be of the form + * "Fixed missing result: tag=value". + * + * A single line can contain all the expected, spurious and missing results of that line. For instance: + * `$ tag1=value1 SPURIOUS: tag2=value2 MISSING: tag3=value3`. + * + * If the same result value is expected for two or more tags on the same line, there is a shorthand + * notation available: + * + * `tag1,tag2=expected-value` + * + * is equivalent to: + * + * `tag1=expected-value tag2=expected-value` + */ + +private import InlineExpectationsTestPrivate + +/** + * The base class for tests with inline expectations. The test extends this class to provide the actual + * results of the query, which are then compared with the expected results in comments to produce a + * list of failure messages that point out where the actual results differ from the expected + * results. + */ +abstract class InlineExpectationsTest extends string { + bindingset[this] + InlineExpectationsTest() { any() } + + /** + * Returns all tags that can be generated by this test. Most tests will only ever produce a single + * tag. Any expected result comments for a tag that is not returned by the `getARelevantTag()` + * predicate for an active test will be ignored. This makes it possible to write multiple tests in + * different `.ql` files that all query the same source code. + */ + abstract string getARelevantTag(); + + /** + * Returns the actual results of the query that is being tested. Each result consist of the + * following values: + * - `location` - The source code location of the result. Any expected result comment must appear + * on the start line of this location. + * - `element` - Display text for the element on which the result is reported. + * - `tag` - The tag that marks this result as coming from this test. This must be one of the tags + * returned by `getARelevantTag()`. + * - `value` - The value of the result, which will be matched against the value associated with + * `tag` in any expected result comment on that line. + */ + abstract predicate hasActualResult(Location location, string element, string tag, string value); + + /** + * Holds if there is an optional result on the specified location. + * + * This is similar to `hasActualResult`, but returns results that do not require a matching annotation. + * A failure will still arise if there is an annotation that does not match any results, but not vice versa. + * Override this predicate to specify optional results. + */ + predicate hasOptionalResult(Location location, string element, string tag, string value) { + none() + } + + final predicate hasFailureMessage(FailureLocatable element, string message) { + exists(ActualResult actualResult | + actualResult.getTest() = this and + element = actualResult and + ( + exists(FalseNegativeExpectation falseNegative | + falseNegative.matchesActualResult(actualResult) and + message = "Fixed missing result:" + falseNegative.getExpectationText() + ) + or + not exists(ValidExpectation expectation | expectation.matchesActualResult(actualResult)) and + message = "Unexpected result: " + actualResult.getExpectationText() and + not actualResult.isOptional() + ) + ) + or + exists(ValidExpectation expectation | + not exists(ActualResult actualResult | expectation.matchesActualResult(actualResult)) and + expectation.getTag() = getARelevantTag() and + element = expectation and + ( + expectation instanceof GoodExpectation and + message = "Missing result:" + expectation.getExpectationText() + or + expectation instanceof FalsePositiveExpectation and + message = "Fixed spurious result:" + expectation.getExpectationText() + ) + ) + or + exists(InvalidExpectation expectation | + element = expectation and + message = "Invalid expectation syntax: " + expectation.getExpectation() + ) + } +} + +/** + * RegEx pattern to match a comment containing one or more expected results. The comment must have + * `$` as its first non-whitespace character. Any subsequent character + * is treated as part of the expected results, except that the comment may contain a `//` sequence + * to treat the remainder of the line as a regular (non-interpreted) comment. + */ +private string expectationCommentPattern() { result = "\\s*\\$((?:[^/]|/[^/])*)(?://.*)?" } + +/** + * The possible columns in an expectation comment. The `TDefaultColumn` branch represents the first + * column in a comment. This column is not precedeeded by a name. `TNamedColumn(name)` represents a + * column containing expected results preceeded by the string `name:`. + */ +private newtype TColumn = + TDefaultColumn() or + TNamedColumn(string name) { name = ["MISSING", "SPURIOUS"] } + +bindingset[start, content] +private int getEndOfColumnPosition(int start, string content) { + result = + min(string name, int cand | + exists(TNamedColumn(name)) and + cand = content.indexOf(name + ":") and + cand >= start + | + cand + ) + or + not exists(string name | + exists(TNamedColumn(name)) and + content.indexOf(name + ":") >= start + ) and + result = content.length() +} + +private predicate getAnExpectation( + ExpectationComment comment, TColumn column, string expectation, string tags, string value +) { + exists(string content | + content = comment.getContents().regexpCapture(expectationCommentPattern(), 1) and + ( + column = TDefaultColumn() and + exists(int end | + end = getEndOfColumnPosition(0, content) and + expectation = content.prefix(end).regexpFind(expectationPattern(), _, _).trim() + ) + or + exists(string name, int start, int end | + column = TNamedColumn(name) and + start = content.indexOf(name + ":") + name.length() + 1 and + end = getEndOfColumnPosition(start, content) and + expectation = content.substring(start, end).regexpFind(expectationPattern(), _, _).trim() + ) + ) + ) and + tags = expectation.regexpCapture(expectationPattern(), 1) and + if exists(expectation.regexpCapture(expectationPattern(), 2)) + then value = expectation.regexpCapture(expectationPattern(), 2) + else value = "" +} + +private string getColumnString(TColumn column) { + column = TDefaultColumn() and result = "" + or + column = TNamedColumn(result) +} + +/** + * RegEx pattern to match a single expected result, not including the leading `$`. It consists of one or + * more comma-separated tags containing only letters, digits, `-` and `_` (note that the first character + * must not be a digit), optionally followed by `=` and the expected value. + */ +private string expectationPattern() { + exists(string tag, string tags, string value | + tag = "[A-Za-z-_][A-Za-z-_0-9]*" and + tags = "((?:" + tag + ")(?:\\s*,\\s*" + tag + ")*)" and + // In Python, we allow both `"` and `'` for strings, as well as the prefixes `bru`. + // For example, `b"foo"`. + value = "((?:[bru]*\"[^\"]*\"|[bru]*'[^']*'|\\S+)*)" and + result = tags + "(?:=" + value + ")?" + ) +} + +private newtype TFailureLocatable = + TActualResult( + InlineExpectationsTest test, Location location, string element, string tag, string value, + boolean optional + ) { + test.hasActualResult(location, element, tag, value) and + optional = false + or + test.hasOptionalResult(location, element, tag, value) and optional = true + } or + TValidExpectation(ExpectationComment comment, string tag, string value, string knownFailure) { + exists(TColumn column, string tags | + getAnExpectation(comment, column, _, tags, value) and + tag = tags.splitAt(",") and + knownFailure = getColumnString(column) + ) + } or + TInvalidExpectation(ExpectationComment comment, string expectation) { + getAnExpectation(comment, _, expectation, _, _) and + not expectation.regexpMatch(expectationPattern()) + } + +class FailureLocatable extends TFailureLocatable { + string toString() { none() } + + Location getLocation() { none() } + + final string getExpectationText() { result = getTag() + "=" + getValue() } + + string getTag() { none() } + + string getValue() { none() } +} + +class ActualResult extends FailureLocatable, TActualResult { + InlineExpectationsTest test; + Location location; + string element; + string tag; + string value; + boolean optional; + + ActualResult() { this = TActualResult(test, location, element, tag, value, optional) } + + override string toString() { result = element } + + override Location getLocation() { result = location } + + InlineExpectationsTest getTest() { result = test } + + override string getTag() { result = tag } + + override string getValue() { result = value } + + predicate isOptional() { optional = true } +} + +abstract private class Expectation extends FailureLocatable { + ExpectationComment comment; + + override string toString() { result = comment.toString() } + + override Location getLocation() { result = comment.getLocation() } +} + +private class ValidExpectation extends Expectation, TValidExpectation { + string tag; + string value; + string knownFailure; + + ValidExpectation() { this = TValidExpectation(comment, tag, value, knownFailure) } + + override string getTag() { result = tag } + + override string getValue() { result = value } + + string getKnownFailure() { result = knownFailure } + + predicate matchesActualResult(ActualResult actualResult) { + getLocation().getStartLine() = actualResult.getLocation().getStartLine() and + getLocation().getFile() = actualResult.getLocation().getFile() and + getTag() = actualResult.getTag() and + getValue() = actualResult.getValue() + } +} + +/* Note: These next three classes correspond to all the possible values of type `TColumn`. */ +class GoodExpectation extends ValidExpectation { + GoodExpectation() { getKnownFailure() = "" } +} + +class FalsePositiveExpectation extends ValidExpectation { + FalsePositiveExpectation() { getKnownFailure() = "SPURIOUS" } +} + +class FalseNegativeExpectation extends ValidExpectation { + FalseNegativeExpectation() { getKnownFailure() = "MISSING" } +} + +class InvalidExpectation extends Expectation, TInvalidExpectation { + string expectation; + + InvalidExpectation() { this = TInvalidExpectation(comment, expectation) } + + string getExpectation() { result = expectation } +} + +query predicate failures(FailureLocatable element, string message) { + exists(InlineExpectationsTest test | test.hasFailureMessage(element, message)) +} diff --git a/ql/ql/test/TestUtilities/InlineExpectationsTestPrivate.qll b/ql/ql/test/TestUtilities/InlineExpectationsTestPrivate.qll new file mode 100644 index 00000000000..ea0a3f5fe25 --- /dev/null +++ b/ql/ql/test/TestUtilities/InlineExpectationsTestPrivate.qll @@ -0,0 +1,22 @@ +import ql +private import codeql_ql.ast.internal.TreeSitter + +private newtype TExpectationComment = MkExpectationComment(QL::LineComment comment) + +/** + * Represents a line comment. + */ +class ExpectationComment extends TExpectationComment { + QL::LineComment comment; + + ExpectationComment() { this = MkExpectationComment(comment) } + + /** Returns the contents of the given comment, _without_ the preceding comment marker (`//`). */ + string getContents() { result = comment.getValue().suffix(2) } + + /** Gets a textual representation of this element. */ + string toString() { result = comment.toString() } + + /** Gets the location of this comment. */ + Location getLocation() { result = comment.getLocation() } +} diff --git a/ql/ql/test/dataflow/getAStringValue/Foo.qll b/ql/ql/test/dataflow/getAStringValue/Foo.qll new file mode 100644 index 00000000000..66f136a41a4 --- /dev/null +++ b/ql/ql/test/dataflow/getAStringValue/Foo.qll @@ -0,0 +1,79 @@ +predicate isLeft(string s) { none() } + +predicate isRight(string s) { none() } + +predicate disjunct() { + exists(string x | + x = "left_1" and + isLeft(x) // $ getAStringValue=left_1 + or + x = "right_1" and + isRight(x) // $ getAStringValue=right_1 + ) +} + +string sourceLeft2() { result = "left_2" } + +predicate sinkLeft2(string x) { + isLeft(x) // $ getAStringValue=left_2 +} + +string sourceRight2() { result = "right_2" } + +predicate sinkRight2(string x) { + isRight(x) // $ getAStringValue=right_2 +} + +predicate disjunctViaCall() { + exists(string x | + x = sourceLeft2() and + sinkLeft2(x) // $ getAStringValue=left_2 + or + x = sourceRight2() and + sinkRight2(x) // $ getAStringValue=right_2 + ) +} + +predicate distribute() { + exists(string x | + x = "left_3" + or + x = "right_3" + | + isLeft(x) // $ getAStringValue=left_3 getAStringValue=right_3 + or + isRight(x) // $ getAStringValue=left_3 getAStringValue=right_3 + ) +} + +predicate distributeSet() { + exists(string x | x = ["left_4", "right_4"] | + isLeft(x) // $ getAStringValue=left_4 getAStringValue=right_4 + or + isRight(x) // $ getAStringValue=left_4 getAStringValue=right_4 + ) +} + +predicate noFlowBackOut() { + exists(string x | + isLeft(x) // no value + ) +} + +class StringClass extends string { + StringClass() { this = "StringClass" } +} + +class FieldClass extends int { + StringClass field; + + FieldClass() { this = 0 } + + StringClass getField() { result = field } +} + +predicate isStringClass(string s) { none() } + +predicate test() { + isStringClass(any(FieldClass f).getField()) // $ getAStringValue=StringClass +} diff --git a/ql/ql/test/dataflow/getAStringValue/getAStringValue.expected b/ql/ql/test/dataflow/getAStringValue/getAStringValue.expected new file mode 100644 index 00000000000..e69de29bb2d diff --git a/ql/ql/test/dataflow/getAStringValue/getAStringValue.ql b/ql/ql/test/dataflow/getAStringValue/getAStringValue.ql new file mode 100644 index 00000000000..82534f535fe --- /dev/null +++ b/ql/ql/test/dataflow/getAStringValue/getAStringValue.ql @@ -0,0 +1,19 @@ +import ql +import codeql_ql.dataflow.DataFlow +import TestUtilities.InlineExpectationsTest + +class GetAStringValueTest extends InlineExpectationsTest { + GetAStringValueTest() { this = "getAStringValue" } + + override string getARelevantTag() { result = "getAStringValue" } + + override predicate hasActualResult(Location location, string element, string tag, string value) { + exists(Expr e | + e = any(Call c).getAnArgument() and + tag = "getAStringValue" and + value = superNode(e).getAStringValue() and + location = e.getLocation() and + element = e.toString() + ) + } +} diff --git a/ql/ql/test/printAst/printAst.expected b/ql/ql/test/printAst/printAst.expected index 3d1e86a7c92..603608355d7 100644 --- a/ql/ql/test/printAst/printAst.expected +++ b/ql/ql/test/printAst/printAst.expected @@ -265,8 +265,6 @@ edges | Foo.qll:6:23:6:36 | ComparisonFormula | Foo.qll:6:23:6:28 | result | semmle.order | 11 | | Foo.qll:6:23:6:36 | ComparisonFormula | Foo.qll:6:32:6:36 | String | semmle.label | getRightOperand() | | Foo.qll:6:23:6:36 | ComparisonFormula | Foo.qll:6:32:6:36 | String | semmle.order | 13 | -| Foo.qll:9:1:9:5 | annotation | Foo.qll:9:1:9:5 | annotation | semmle.label | getAnAnnotation() | -| Foo.qll:9:1:9:5 | annotation | Foo.qll:9:1:9:5 | annotation | semmle.order | 14 | | Foo.qll:9:7:11:1 | ClasslessPredicate foo | Foo.qll:9:1:9:5 | annotation | semmle.label | getAnAnnotation() | | Foo.qll:9:7:11:1 | ClasslessPredicate foo | Foo.qll:9:1:9:5 | annotation | semmle.order | 14 | | Foo.qll:9:7:11:1 | ClasslessPredicate foo | Foo.qll:9:21:9:25 | f | semmle.label | getParameter(_) | diff --git a/ruby/ql/examples/qlpack.yml b/ruby/ql/examples/qlpack.yml index fbc91f7ec1a..583f9fc21cc 100644 --- a/ruby/ql/examples/qlpack.yml +++ b/ruby/ql/examples/qlpack.yml @@ -3,4 +3,4 @@ groups: - ruby - examples dependencies: - codeql/ruby-all: ^0.0.2 + codeql/ruby-all: "*" diff --git a/ruby/ql/lib/CHANGELOG.md b/ruby/ql/lib/CHANGELOG.md index 1c0bd7abbbc..e1a4a6aeaf5 100644 --- a/ruby/ql/lib/CHANGELOG.md +++ b/ruby/ql/lib/CHANGELOG.md @@ -1,3 +1,26 @@ +## 0.0.13 + +## 0.0.12 + +### Breaking Changes + +* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. + +### Deprecated APIs + +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### New Features + +* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. + +### Minor Analysis Improvements + +* `getConstantValue()` now returns the contents of strings and symbols after escape sequences have been interpreted. For example, for the Ruby string literal `"\n"`, `getConstantValue().getString()` previously returned a QL string with two characters, a backslash followed by `n`; now it returns the single-character string "\n" (U+000A, known as newline). +* `getConstantValue().getInt()` previously returned incorrect values for integers larger than 231-1 (the largest value that can be represented by the QL `int` type). It now returns no result in those cases. +* Added `OrmWriteAccess` concept to model data written to a database using an object-relational mapping (ORM) library. + ## 0.0.11 ### Minor Analysis Improvements diff --git a/ruby/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md b/ruby/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md deleted file mode 100644 index a79f286aacd..00000000000 --- a/ruby/ql/lib/change-notes/2022-02-07-deprecated-acronyms.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: deprecated ---- -* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. - The old name still exists as a deprecated alias. \ No newline at end of file diff --git a/ruby/ql/lib/change-notes/2022-02-28-orm-write-access.md b/ruby/ql/lib/change-notes/2022-02-28-orm-write-access.md deleted file mode 100644 index f1320322287..00000000000 --- a/ruby/ql/lib/change-notes/2022-02-28-orm-write-access.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: minorAnalysis ---- -* Added `OrmWriteAccess` concept to model data written to a database using an object-relational mapping (ORM) library. diff --git a/ruby/ql/lib/change-notes/2022-03-14-flow-state-barriers.md b/ruby/ql/lib/change-notes/2022-03-14-flow-state-barriers.md deleted file mode 100644 index af6247a66fa..00000000000 --- a/ruby/ql/lib/change-notes/2022-03-14-flow-state-barriers.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: feature ---- -* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. diff --git a/ruby/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md b/ruby/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md deleted file mode 100644 index 3481d507db3..00000000000 --- a/ruby/ql/lib/change-notes/2022-03-14-taint-interface-cleanup.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: breaking ---- -* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. diff --git a/ruby/ql/lib/change-notes/2022-03-16-string-escape-sequences.md b/ruby/ql/lib/change-notes/2022-03-16-string-escape-sequences.md deleted file mode 100644 index 97b716e2bde..00000000000 --- a/ruby/ql/lib/change-notes/2022-03-16-string-escape-sequences.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -category: minorAnalysis ---- -* `getConstantValue()` now returns the contents of strings and symbols after escape sequences have been interpreted. For example, for the Ruby string literal `"\n"`, `getConstantValue().getString()` previously returned a QL string with two characters, a backslash followed by `n`; now it returns the single-character string "\n" (U+000A, known as newline). -* `getConstantValue().getInt()` previously returned incorrect values for integers larger than 231-1 (the largest value that can be represented by the QL `int` type). It now returns no result in those cases. diff --git a/ruby/ql/lib/change-notes/released/0.0.12.md b/ruby/ql/lib/change-notes/released/0.0.12.md new file mode 100644 index 00000000000..21ffbedb6bc --- /dev/null +++ b/ruby/ql/lib/change-notes/released/0.0.12.md @@ -0,0 +1,20 @@ +## 0.0.12 + +### Breaking Changes + +* The flow state variants of `isBarrier` and `isAdditionalFlowStep` are no longer exposed in the taint tracking library. The `isSanitizer` and `isAdditionalTaintStep` predicates should be used instead. + +### Deprecated APIs + +* Many classes/predicates/modules that had upper-case acronyms have been renamed to follow our style-guide. + The old name still exists as a deprecated alias. + +### New Features + +* The data flow and taint tracking libraries have been extended with versions of `isBarrierIn`, `isBarrierOut`, and `isBarrierGuard`, respectively `isSanitizerIn`, `isSanitizerOut`, and `isSanitizerGuard`, that support flow states. + +### Minor Analysis Improvements + +* `getConstantValue()` now returns the contents of strings and symbols after escape sequences have been interpreted. For example, for the Ruby string literal `"\n"`, `getConstantValue().getString()` previously returned a QL string with two characters, a backslash followed by `n`; now it returns the single-character string "\n" (U+000A, known as newline). +* `getConstantValue().getInt()` previously returned incorrect values for integers larger than 231-1 (the largest value that can be represented by the QL `int` type). It now returns no result in those cases. +* Added `OrmWriteAccess` concept to model data written to a database using an object-relational mapping (ORM) library. diff --git a/ruby/ql/lib/change-notes/released/0.0.13.md b/ruby/ql/lib/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..30ff8ab8dd0 --- /dev/null +++ b/ruby/ql/lib/change-notes/released/0.0.13.md @@ -0,0 +1 @@ +## 0.0.13 diff --git a/ruby/ql/lib/codeql-pack.release.yml b/ruby/ql/lib/codeql-pack.release.yml index e679dc42092..044e54e4f7e 100644 --- a/ruby/ql/lib/codeql-pack.release.yml +++ b/ruby/ql/lib/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.11 +lastReleaseVersion: 0.0.13 diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll index 9800e02ccf1..bb98acf0494 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll index 9800e02ccf1..bb98acf0494 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImpl2.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForLibraries.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForLibraries.qll index 9800e02ccf1..bb98acf0494 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForLibraries.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowImplForLibraries.qll @@ -1158,8 +1158,8 @@ private module Stage2 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } bindingset[node1, state1, config] bindingset[node2, state2, config] @@ -1246,7 +1246,7 @@ private module Stage2 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -1951,8 +1951,8 @@ private module Stage3 { bindingset[call, c, innercc] private CcNoCall getCallContextReturn(DataFlowCallable c, DataFlowCall call, Cc innercc) { any() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { any() } + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { any() } private predicate localStep( NodeEx node1, FlowState state1, NodeEx node2, FlowState state2, boolean preservesValue, @@ -2035,7 +2035,7 @@ private module Stage3 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -2765,12 +2765,11 @@ private module Stage4 { if reducedViableImplInReturn(c, call) then result = TReturn(c, call) else result = ccNone() } - bindingset[node, cc, config] - private LocalCc getLocalCc(NodeEx node, Cc cc, Configuration config) { + bindingset[node, cc] + private LocalCc getLocalCc(NodeEx node, Cc cc) { result = getLocalCallContext(pragma[only_bind_into](pragma[only_bind_out](cc)), - node.getEnclosingCallable()) and - exists(config) + node.getEnclosingCallable()) } private predicate localStep( @@ -2863,7 +2862,7 @@ private module Stage4 { or exists(NodeEx mid, FlowState state0, Ap ap0, LocalCc localCc | fwdFlow(mid, state0, cc, argAp, ap0, config) and - localCc = getLocalCc(mid, cc, config) + localCc = getLocalCc(mid, cc) | localStep(mid, state0, node, state, true, _, config, localCc) and ap = ap0 @@ -5048,6 +5047,7 @@ private module FlowExploration { ) } + pragma[nomagic] private predicate revPartialPathStep( PartialPathNodeRev mid, NodeEx node, FlowState state, TRevSummaryCtx1 sc1, TRevSummaryCtx2 sc2, TRevSummaryCtx3 sc3, RevPartialAccessPath ap, Configuration config diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll index 05145fc4917..02275337a4a 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPrivate.qll @@ -820,24 +820,13 @@ string ppReprType(DataFlowType t) { result = t.toString() } pragma[inline] predicate compatibleTypes(DataFlowType t1, DataFlowType t2) { any() } -/** - * A node associated with an object after an operation that might have - * changed its state. - * - * This can be either the argument to a callable after the callable returns - * (which might have mutated the argument), or the qualifier of a field after - * an update to the field. - * - * Nodes corresponding to AST elements, for example `ExprNode`, usually refer - * to the value before the update. - */ -abstract class PostUpdateNode extends Node { +abstract class PostUpdateNodeImpl extends Node { /** Gets the node before the state update. */ abstract Node getPreUpdateNode(); } private module PostUpdateNodes { - class ExprPostUpdateNode extends PostUpdateNode, NodeImpl, TExprPostUpdateNode { + class ExprPostUpdateNode extends PostUpdateNodeImpl, NodeImpl, TExprPostUpdateNode { private CfgNodes::ExprCfgNode e; ExprPostUpdateNode() { this = TExprPostUpdateNode(e) } @@ -851,7 +840,7 @@ private module PostUpdateNodes { override string toStringImpl() { result = "[post] " + e.toString() } } - private class SummaryPostUpdateNode extends SummaryNode, PostUpdateNode { + private class SummaryPostUpdateNode extends SummaryNode, PostUpdateNodeImpl { private Node pre; SummaryPostUpdateNode() { FlowSummaryImpl::Private::summaryPostUpdateNode(this, pre) } diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll index 74fe2fd2641..5e00e71e5f7 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/DataFlowPublic.qll @@ -121,6 +121,22 @@ class LocalSourceNode extends Node { LocalSourceNode backtrack(TypeBackTracker t2, TypeBackTracker t) { t2 = t.step(result, this) } } +/** + * A node associated with an object after an operation that might have + * changed its state. + * + * This can be either the argument to a callable after the callable returns + * (which might have mutated the argument), or the qualifier of a field after + * an update to the field. + * + * Nodes corresponding to AST elements, for example `ExprNode`, usually refer + * to the value before the update. + */ +class PostUpdateNode extends Node instanceof PostUpdateNodeImpl { + /** Gets the node before the state update. */ + Node getPreUpdateNode() { result = super.getPreUpdateNode() } +} + cached private predicate hasLocalSource(Node sink, Node source) { // Declaring `source` to be a `SourceNode` currently causes a redundant check in the diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll index 2ef2d847a3b..52701d1a118 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImpl.qll @@ -806,10 +806,10 @@ module Private { module External { /** Holds if `spec` is a relevant external specification. */ private predicate relevantSpec(string spec) { - summaryElement(_, spec, _, _) or - summaryElement(_, _, spec, _) or - sourceElement(_, spec, _) or - sinkElement(_, spec, _) + summaryElement(_, spec, _, _, _) or + summaryElement(_, _, spec, _, _) or + sourceElement(_, spec, _, _) or + sinkElement(_, spec, _, _) } private class AccessPathRange extends AccessPath::Range { @@ -875,13 +875,20 @@ module Private { } private class SummarizedCallableExternal extends SummarizedCallable { - SummarizedCallableExternal() { summaryElement(this, _, _, _) } + SummarizedCallableExternal() { summaryElement(this, _, _, _, _) } + + private predicate relevantSummaryElement(AccessPath inSpec, AccessPath outSpec, string kind) { + summaryElement(this, inSpec, outSpec, kind, false) + or + summaryElement(this, inSpec, outSpec, kind, true) and + not summaryElement(this, _, _, _, false) + } override predicate propagatesFlow( SummaryComponentStack input, SummaryComponentStack output, boolean preservesValue ) { exists(AccessPath inSpec, AccessPath outSpec, string kind | - summaryElement(this, inSpec, outSpec, kind) and + this.relevantSummaryElement(inSpec, outSpec, kind) and interpretSpec(inSpec, input) and interpretSpec(outSpec, output) | @@ -910,7 +917,7 @@ module Private { private predicate sourceElementRef(InterpretNode ref, AccessPath output, string kind) { exists(SourceOrSinkElement e | - sourceElement(e, output, kind) and + sourceElement(e, output, kind, _) and if outputNeedsReference(output.getToken(0)) then e = ref.getCallTarget() else e = ref.asElement() @@ -919,7 +926,7 @@ module Private { private predicate sinkElementRef(InterpretNode ref, AccessPath input, string kind) { exists(SourceOrSinkElement e | - sinkElement(e, input, kind) and + sinkElement(e, input, kind, _) and if inputNeedsReference(input.getToken(0)) then e = ref.getCallTarget() else e = ref.asElement() diff --git a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll index d3e6f71e253..7557a95ca80 100644 --- a/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll +++ b/ruby/ql/lib/codeql/ruby/dataflow/internal/FlowSummaryImplSpecific.qll @@ -42,13 +42,17 @@ DataFlowType getCallbackReturnType(DataFlowType t, ReturnKind rk) { any() } /** * Holds if an external flow summary exists for `c` with input specification - * `input`, output specification `output`, and kind `kind`. + * `input`, output specification `output`, kind `kind`, and a flag `generated` + * stating whether the summary is autogenerated. */ -predicate summaryElement(DataFlowCallable c, string input, string output, string kind) { +predicate summaryElement( + DataFlowCallable c, string input, string output, string kind, boolean generated +) { exists(FlowSummary::SummarizedCallable sc, boolean preservesValue | sc.propagatesFlowExt(input, output, preservesValue) and c.asLibraryCallable() = sc and - if preservesValue = true then kind = "value" else kind = "taint" + (if preservesValue = true then kind = "value" else kind = "taint") and + generated = false ) } @@ -128,16 +132,18 @@ NormalReturnKind getReturnValueKind() { any() } */ private module UnusedSourceSinkInterpretation { /** - * Holds if an external source specification exists for `e` with output specification - * `output` and kind `kind`. + * Holds if an external source specification exists for `n` with output specification + * `output`, kind `kind`, and a flag `generated` stating whether the source specification is + * autogenerated. */ - predicate sourceElement(AstNode n, string output, string kind) { none() } + predicate sourceElement(AstNode n, string output, string kind, boolean generated) { none() } /** * Holds if an external sink specification exists for `n` with input specification - * `input` and kind `kind`. + * `input`, kind `kind` and a flag `generated` stating whether the sink specification is + * autogenerated. */ - predicate sinkElement(AstNode n, string input, string kind) { none() } + predicate sinkElement(AstNode n, string input, string kind, boolean generated) { none() } class SourceOrSinkElement = AstNode; diff --git a/ruby/ql/lib/codeql/ruby/security/InsecureDependencyQuery.qll b/ruby/ql/lib/codeql/ruby/security/InsecureDependencyQuery.qll new file mode 100644 index 00000000000..16ac6e05c92 --- /dev/null +++ b/ruby/ql/lib/codeql/ruby/security/InsecureDependencyQuery.qll @@ -0,0 +1,91 @@ +/** + * Provides predicates for reasoning about insecure dependency configurations. + */ + +private import ruby + +/** + * A method call in a Gemfile. + */ +private class GemfileMethodCall extends MethodCall { + GemfileMethodCall() { this.getLocation().getFile().getBaseName() = "Gemfile" } +} + +/** + * Method calls that configure gem dependencies and can specify (possibly insecure) URLs. + */ +abstract private class RelevantGemCall extends GemfileMethodCall { + abstract Expr getAUrlPart(); +} + +/** + * A call to `source`. + */ +private class SourceCall extends RelevantGemCall { + SourceCall() { this.getMethodName() = "source" } + + override Expr getAUrlPart() { result = this.getAnArgument() } +} + +/** + * A call to `git_source`. + */ +private class GitSourceCall extends RelevantGemCall { + GitSourceCall() { this.getMethodName() = "git_source" } + + override Expr getAUrlPart() { result = this.getBlock().getLastStmt() } +} + +/** + * A call to `gem`. + */ +private class GemCall extends RelevantGemCall { + GemCall() { this.getMethodName() = "gem" } + + override Expr getAUrlPart() { result = this.getKeywordArgument(["source", "git"]) } +} + +/** + * Holds if `s` is a URL with an insecure protocol. `proto` is the protocol. + */ +bindingset[s] +private predicate hasInsecureProtocol(string s, string proto) { + proto = s.regexpCapture("^(http|ftp):.+", 1).toUpperCase() +} + +/** + * Holds if `e` is a string containing a URL that uses the insecure protocol `proto`. + */ +private predicate containsInsecureUrl(Expr e, string proto) { + // Handle cases where the string as a whole has no constant value (due to interpolations) + // but has a known prefix. E.g. "http://#{foo}" + exists(StringComponent c | c = e.(StringlikeLiteral).getComponent(0) | + hasInsecureProtocol(c.getConstantValue().getString(), proto) + ) + or + hasInsecureProtocol(e.getConstantValue().getString(), proto) +} + +/** + * Returns the suggested protocol to use in place of the insecure protocol `proto`. + */ +bindingset[proto] +private string suggestedProtocol(string proto) { + proto = "HTTP" and result = "HTTPS" + or + proto = "FTP" and result = "FTPS or SFTP" +} + +/** + * Holds if `url` is a string containing a URL that uses an insecure protocol. + * `msg` is the alert message that will be displayed to the user. + */ +predicate insecureDependencyUrl(Expr url, string msg) { + exists(RelevantGemCall call, string proto | + url = call.getAUrlPart() and + containsInsecureUrl(url, proto) and + msg = + "Dependency source URL uses the unencrypted protocol " + proto + ". Use " + + suggestedProtocol(proto) + " instead." + ) +} diff --git a/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll b/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll index 1aeb5fe3a62..f7fa8d1189b 100644 --- a/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll +++ b/ruby/ql/lib/codeql/ruby/typetracking/TypeTrackerSpecific.qll @@ -147,7 +147,7 @@ predicate basicStoreStep(Node nodeFrom, Node nodeTo, string content) { // TODO: support SetterMethodCall inside TuplePattern exists(ExprNodes::MethodCallCfgNode call | content = getSetterCallAttributeName(call.getExpr()) and - nodeTo.(DataFlowPrivate::PostUpdateNode).getPreUpdateNode().asExpr() = call.getReceiver() and + nodeTo.(DataFlowPublic::PostUpdateNode).getPreUpdateNode().asExpr() = call.getReceiver() and call.getExpr() instanceof AST::SetterMethodCall and call.getArgument(call.getNumberOfArguments() - 1) = nodeFrom.(DataFlowPublic::ExprNode).getExprNode() diff --git a/ruby/ql/lib/qlpack.yml b/ruby/ql/lib/qlpack.yml index c02fb9c18cb..d9757511c9e 100644 --- a/ruby/ql/lib/qlpack.yml +++ b/ruby/ql/lib/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-all -version: 0.0.12-dev +version: 0.1.0-dev groups: ruby extractor: ruby dbscheme: ruby.dbscheme diff --git a/ruby/ql/src/CHANGELOG.md b/ruby/ql/src/CHANGELOG.md index 8fc4095d3bb..6846eaa20b8 100644 --- a/ruby/ql/src/CHANGELOG.md +++ b/ruby/ql/src/CHANGELOG.md @@ -1,3 +1,12 @@ +## 0.0.13 + +## 0.0.12 + +### New Queries + +* Added a new query, `rb/clear-text-storage-sensitive-data`. The query finds cases where sensitive information, such as user credentials, are stored as cleartext. +* Added a new query, `rb/incomplete-hostname-regexp`. The query finds instances where a hostname is incompletely sanitized due to an unescaped character in a regular expression. + ## 0.0.11 ## 0.0.10 diff --git a/ruby/ql/src/change-notes/2022-02-10-incomplete-hostname-regexp.md b/ruby/ql/src/change-notes/2022-02-10-incomplete-hostname-regexp.md deleted file mode 100644 index f87676dc188..00000000000 --- a/ruby/ql/src/change-notes/2022-02-10-incomplete-hostname-regexp.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added a new query, `rb/incomplete-hostname-regexp`. The query finds instances where a hostname is incompletely sanitized due to an unescaped character in a regular expression. diff --git a/ruby/ql/src/change-notes/2022-03-05-rb-clear-text-storage-sensitive-data.md b/ruby/ql/src/change-notes/2022-03-05-rb-clear-text-storage-sensitive-data.md deleted file mode 100644 index c0586e52701..00000000000 --- a/ruby/ql/src/change-notes/2022-03-05-rb-clear-text-storage-sensitive-data.md +++ /dev/null @@ -1,4 +0,0 @@ ---- -category: newQuery ---- -* Added a new query, `rb/clear-text-storage-sensitive-data`. The query finds cases where sensitive information, such as user credentials, are stored as cleartext. diff --git a/ruby/ql/src/change-notes/2022-03-30-insecure-dependency.md b/ruby/ql/src/change-notes/2022-03-30-insecure-dependency.md new file mode 100644 index 00000000000..ba993869607 --- /dev/null +++ b/ruby/ql/src/change-notes/2022-03-30-insecure-dependency.md @@ -0,0 +1,4 @@ +--- +category: newQuery +--- +* Added a new query, `rb/insecure-dependency`. The query finds cases where Ruby gems may be downloaded over an insecure communication channel. \ No newline at end of file diff --git a/ruby/ql/src/change-notes/released/0.0.12.md b/ruby/ql/src/change-notes/released/0.0.12.md new file mode 100644 index 00000000000..346b09b1820 --- /dev/null +++ b/ruby/ql/src/change-notes/released/0.0.12.md @@ -0,0 +1,6 @@ +## 0.0.12 + +### New Queries + +* Added a new query, `rb/clear-text-storage-sensitive-data`. The query finds cases where sensitive information, such as user credentials, are stored as cleartext. +* Added a new query, `rb/incomplete-hostname-regexp`. The query finds instances where a hostname is incompletely sanitized due to an unescaped character in a regular expression. diff --git a/ruby/ql/src/change-notes/released/0.0.13.md b/ruby/ql/src/change-notes/released/0.0.13.md new file mode 100644 index 00000000000..30ff8ab8dd0 --- /dev/null +++ b/ruby/ql/src/change-notes/released/0.0.13.md @@ -0,0 +1 @@ +## 0.0.13 diff --git a/ruby/ql/src/codeql-pack.release.yml b/ruby/ql/src/codeql-pack.release.yml index e679dc42092..044e54e4f7e 100644 --- a/ruby/ql/src/codeql-pack.release.yml +++ b/ruby/ql/src/codeql-pack.release.yml @@ -1,2 +1,2 @@ --- -lastReleaseVersion: 0.0.11 +lastReleaseVersion: 0.0.13 diff --git a/ruby/ql/src/qlpack.yml b/ruby/ql/src/qlpack.yml index f987a9ffd16..329f93c8631 100644 --- a/ruby/ql/src/qlpack.yml +++ b/ruby/ql/src/qlpack.yml @@ -1,5 +1,5 @@ name: codeql/ruby-queries -version: 0.0.12-dev +version: 0.1.0-dev groups: - ruby - queries diff --git a/ruby/ql/src/queries/security/cwe-300/InsecureDependencyResolution.qhelp b/ruby/ql/src/queries/security/cwe-300/InsecureDependencyResolution.qhelp new file mode 100644 index 00000000000..6241eb37db6 --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-300/InsecureDependencyResolution.qhelp @@ -0,0 +1,54 @@ + + + + +

    +Using an insecure protocol like HTTP or FTP to download dependencies makes the build process vulnerable to a +man-in-the-middle (MITM) attack. +

    +

    +This can allow attackers to inject malicious code into the downloaded dependencies, and thereby +infect the build artifacts and execute arbitrary code on the machine building the artifacts. +

    + +     + + +

    Always use a secure protocol, such as HTTPS or SFTP, when downloading artifacts from a URL.

    + +     + + +

    +The below example shows a Gemfile that specifies a gem source using the insecure HTTP protocol. +

    + +

    +The fix is to change the protocol to HTTPS. +

    + +     + + +
  • + Jonathan Leitschuh: + + Want to take over the Java ecosystem? All you need is a MITM! + +
    • +
  • + Max Veytsman: + + How to take over the computer of any Java (or Clojure or Scala) Developer. + +
    • +
  • + Wikipedia: Supply chain attack. +
    • +
  • + Wikipedia: Man-in-the-middle attack. +
    • +     +     diff --git a/ruby/ql/src/queries/security/cwe-300/InsecureDependencyResolution.ql b/ruby/ql/src/queries/security/cwe-300/InsecureDependencyResolution.ql new file mode 100644 index 00000000000..0687717951c --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-300/InsecureDependencyResolution.ql @@ -0,0 +1,22 @@ +/** + * @name Dependency download using unencrypted communication channel + * @description Using unencrypted protocols to fetch dependencies can leave an application + * open to man-in-the-middle attacks. + * @kind problem + * @problem.severity warning + * @security-severity 8.1 + * @precision high + * @id rb/insecure-dependency + * @tags security + * external/cwe/cwe-300 + * external/cwe/cwe-319 + * external/cwe/cwe-494 + * external/cwe/cwe-829 + */ + +import ruby +import codeql.ruby.security.InsecureDependencyQuery + +from Expr url, string msg +where insecureDependencyUrl(url, msg) +select url, msg diff --git a/ruby/ql/src/queries/security/cwe-300/examples/bad_gemfile.rb b/ruby/ql/src/queries/security/cwe-300/examples/bad_gemfile.rb new file mode 100644 index 00000000000..8ab9fc0075d --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-300/examples/bad_gemfile.rb @@ -0,0 +1,3 @@ +source "http://rubygems.org" + +gem "my-gem-a", "1.2.3" \ No newline at end of file diff --git a/ruby/ql/src/queries/security/cwe-300/examples/good_gemfile.rb b/ruby/ql/src/queries/security/cwe-300/examples/good_gemfile.rb new file mode 100644 index 00000000000..ae6de349d86 --- /dev/null +++ b/ruby/ql/src/queries/security/cwe-300/examples/good_gemfile.rb @@ -0,0 +1,3 @@ +source "https://rubygems.org" + +gem "my-gem-a", "1.2.3" \ No newline at end of file diff --git a/ruby/ql/test/qlpack.yml b/ruby/ql/test/qlpack.yml index 5eb6e308f49..981e0defcf0 100644 --- a/ruby/ql/test/qlpack.yml +++ b/ruby/ql/test/qlpack.yml @@ -1,8 +1,8 @@ name: codeql/ruby-tests groups: [ruby, test] dependencies: - codeql/ruby-queries: ^0.0.2 - codeql/ruby-examples: ^0.0.2 - codeql/ruby-all: ^0.0.2 + codeql/ruby-queries: "*" + codeql/ruby-examples: "*" + codeql/ruby-all: "*" extractor: ruby tests: . diff --git a/ruby/ql/test/query-tests/security/cwe-300/Gemfile b/ruby/ql/test/query-tests/security/cwe-300/Gemfile new file mode 100644 index 00000000000..2e08b12072e --- /dev/null +++ b/ruby/ql/test/query-tests/security/cwe-300/Gemfile @@ -0,0 +1,56 @@ +source "https://rubygems.org" # GOOD +source "http://rubygems.org" # $result=BAD +source "ftp://rubygems.org" # $result=BAD +source "ftps://rubygems.org" # GOOD +source "unknown://rubygems.org" # GOOD + +git_source(:a) { "https://github.com" } # GOOD +git_source(:b) { "http://github.com" } # $result=BAD +git_source(:c) { "ftp://github.com" } # $result=BAD +git_source(:d) { "ftps://github.com" } # GOOD +git_source(:e) { "unknown://github.com" } # GOOD + +git_source(:f) { |name| "https://github.com/#{name}" } # GOOD +git_source(:g) { |name| "http://github.com/#{name}" } # $result=BAD +git_source(:h) { |name| "ftp://github.com/#{name}" } # $result=BAD +git_source(:i) { |name| "ftps://github.com/#{name}" } # GOOD +git_source(:j) { |name| "unknown://github.com/#{name}" } # GOOD + +git_source(:k) do |name| + foo + "https://github.com/#{name}" } # GOOD +end +git_source(:l) do |name| + foo + "http://github.com/#{name}" } # $result=BAD +end +git_source(:m) do |name| + foo + "ftp://github.com/#{name}" } # $result=BAD +end +git_source(:n) do |name| + foo + "ftps://github.com/#{name}" } # GOOD +end +git_source(:o) do |name| + foo + "unknown://github.com/#{name}" } # GOOD +end + +gem "jwt", "1.2.3", git: "https://github.com/jwt/ruby-jwt" # GOOD +gem "jwt", "1.2.3", git: "http://github.com/jwt/ruby-jwt" # $result=BAD +gem "jwt", "1.2.3", git: "ftp://github.com/jwt/ruby-jwt" # $result=BAD +gem "jwt", "1.2.3", git: "ftps://github.com/jwt/ruby-jwt" # GOOD +gem "jwt", "1.2.3", git: "unknown://github.com/jwt/ruby-jwt" # GOOD + +gem "jwt", "1.2.3", :git => "https://github.com/jwt/ruby-jwt" # GOOD +gem "jwt", "1.2.3", :git => "http://github.com/jwt/ruby-jwt" # $result=BAD +gem "jwt", "1.2.3", :git => "ftp://github.com/jwt/ruby-jwt" # $result=BAD +gem "jwt", "1.2.3", :git => "ftps://github.com/jwt/ruby-jwt" # GOOD +gem "jwt", "1.2.3", :git => "unknown://github.com/jwt/ruby-jwt" # GOOD + +gem "jwt", "1.2.3", source: "https://rubygems.org" # GOOD +gem "jwt", "1.2.3", source: "http://rubygems.org" # $result=BAD +gem "jwt", "1.2.3", source: "ftp://rubygems.org" # $result=BAD +gem "jwt", "1.2.3", source: "ftps://rubygems.org" # GOOD +gem "jwt", "1.2.3", source: "unknown://rubygems.org" # GOOD \ No newline at end of file diff --git a/ruby/ql/test/query-tests/security/cwe-300/InsecureDependency.expected b/ruby/ql/test/query-tests/security/cwe-300/InsecureDependency.expected new file mode 100644 index 00000000000..94e588e4bdf --- /dev/null +++ b/ruby/ql/test/query-tests/security/cwe-300/InsecureDependency.expected @@ -0,0 +1,16 @@ +failures +#select +| Gemfile:2:8:2:28 | "http://rubygems.org" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. | +| Gemfile:3:8:3:27 | "ftp://rubygems.org" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. | +| Gemfile:8:18:8:36 | "http://github.com" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. | +| Gemfile:9:18:9:35 | "ftp://github.com" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. | +| Gemfile:14:25:14:51 | "http://github.com/#{...}" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. | +| Gemfile:15:25:15:50 | "ftp://github.com/#{...}" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. | +| Gemfile:25:5:25:31 | "http://github.com/#{...}" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. | +| Gemfile:29:5:29:30 | "ftp://github.com/#{...}" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. | +| Gemfile:41:26:41:57 | "http://github.com/jwt/ruby-jwt" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. | +| Gemfile:42:26:42:56 | "ftp://github.com/jwt/ruby-jwt" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. | +| Gemfile:47:29:47:60 | "http://github.com/jwt/ruby-jwt" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. | +| Gemfile:48:29:48:59 | "ftp://github.com/jwt/ruby-jwt" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. | +| Gemfile:53:29:53:49 | "http://rubygems.org" | Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead. | +| Gemfile:54:29:54:48 | "ftp://rubygems.org" | Dependency source URL uses the unencrypted protocol FTP. Use FTPS or SFTP instead. | diff --git a/ruby/ql/test/query-tests/security/cwe-300/InsecureDependency.ql b/ruby/ql/test/query-tests/security/cwe-300/InsecureDependency.ql new file mode 100644 index 00000000000..d1438c3dd8c --- /dev/null +++ b/ruby/ql/test/query-tests/security/cwe-300/InsecureDependency.ql @@ -0,0 +1,23 @@ +import ruby +import TestUtilities.InlineExpectationsTest +import codeql.ruby.security.InsecureDependencyQuery + +class InsecureDependencyTest extends InlineExpectationsTest { + InsecureDependencyTest() { this = "InsecureDependencyTest" } + + override string getARelevantTag() { result = "BAD" } + + override predicate hasActualResult(Location location, string element, string tag, string value) { + tag = "result" and + value = "BAD" and + exists(Expr e | + insecureDependencyUrl(e, _) and + location = e.getLocation() and + element = e.toString() + ) + } +} + +from Expr url, string msg +where insecureDependencyUrl(url, msg) +select url, msg diff --git a/ruby/ql/test/query-tests/security/cwe-300/foo.rb b/ruby/ql/test/query-tests/security/cwe-300/foo.rb new file mode 100644 index 00000000000..286a7bdc377 --- /dev/null +++ b/ruby/ql/test/query-tests/security/cwe-300/foo.rb @@ -0,0 +1,5 @@ +# Calls to `gem` etc. outside of the Gemfile should be ignored, since they may not be configuring dependencies. + +gem "foo", git: "http://foo.com" +git_source :a { |x| "http://foo.com" } +source "http://foo.com" diff --git a/swift/.clang-format b/swift/.clang-format new file mode 100644 index 00000000000..96d2febc1c2 --- /dev/null +++ b/swift/.clang-format @@ -0,0 +1,7 @@ +BasedOnStyle: Chromium +ColumnLimit: 100 +IndentWidth: 2 +SortIncludes: false +AllowShortIfStatementsOnASingleLine: WithoutElse +AlwaysBreakBeforeMultilineStrings: false +Standard: c++17 diff --git a/swift/.codeqlmanifest.json b/swift/.codeqlmanifest.json new file mode 100644 index 00000000000..3b809abfd3b --- /dev/null +++ b/swift/.codeqlmanifest.json @@ -0,0 +1,7 @@ +{ + "provide": [ + "ql/lib/qlpack.yml", + "ql/test/qlpack.yml", + "extractor-pack/codeql-extractor.yml" + ] +} diff --git a/swift/.gitignore b/swift/.gitignore new file mode 100644 index 00000000000..52d33160303 --- /dev/null +++ b/swift/.gitignore @@ -0,0 +1 @@ +extractor-pack diff --git a/swift/BUILD.bazel b/swift/BUILD.bazel new file mode 100644 index 00000000000..fd5e5b46de4 --- /dev/null +++ b/swift/BUILD.bazel @@ -0,0 +1,67 @@ +load("@rules_pkg//:mappings.bzl", "pkg_attributes", "pkg_filegroup", "pkg_files") +load("@rules_pkg//:install.bzl", "pkg_install") +load("//:defs.bzl", "codeql_platform") + +pkg_files( + name = "dbscheme", + srcs = [ + "ql/lib/swift.dbscheme", + "ql/lib/swift.dbscheme.stats", + ], +) + +pkg_files( + name = "qltest", + srcs = ["tools/qltest.sh"], + attributes = pkg_attributes(mode = "0755"), + prefix = "tools", +) + +pkg_files( + name = "manifest", + srcs = ["codeql-extractor.yml"], +) + +pkg_filegroup( + name = "extractor-pack-generic", + srcs = [ + ":dbscheme", + ":manifest", + ":qltest", + ], + visibility = ["//visibility:public"], +) + +pkg_files( + name = "extractor", + srcs = ["//swift/extractor"], + attributes = pkg_attributes(mode = "0755"), + prefix = "tools/" + codeql_platform, +) + +pkg_filegroup( + name = "extractor-pack-arch", + srcs = [":extractor"], + visibility = ["//visibility:public"], +) + +pkg_filegroup( + name = "extractor-pack", + srcs = [ + ":extractor-pack-arch", + ":extractor-pack-generic", + ], + visibility = ["//visibility:public"], +) + +pkg_install( + name = "_create_extractor_pack", + srcs = ["//swift:extractor-pack"], +) + +py_binary( + name = "create-extractor-pack", + srcs = ["tools/create_extractor_pack.py"], + main = "tools/create_extractor_pack.py", + deps = [":_create_extractor_pack"], +) diff --git a/swift/README.md b/swift/README.md new file mode 100644 index 00000000000..ef805a8273b --- /dev/null +++ b/swift/README.md @@ -0,0 +1,9 @@ +## Warning + +The Swift codeql package is an experimental and unsupported work in progress. + +## Usage + +Run `bazel run //swift:create-extractor-pack`, which will install `swift/extractor-pack`. +Using `--search-path=swift/extractor-pack` will then pick up the Swift extractor. You can also use +`--search-path=swift`, as the extractor pack is mentioned in `swift/.codeqlmanifest.json`. diff --git a/swift/codeql-extractor.yml b/swift/codeql-extractor.yml new file mode 100644 index 00000000000..94f464fd9b5 --- /dev/null +++ b/swift/codeql-extractor.yml @@ -0,0 +1,10 @@ +name: "swift" +display_name: "Swift" +version: 0.0.1 +column_kind: "utf8" +legacy_qltest_extraction: true +file_types: + - name: swift + display_name: Swift files + extensions: + - .swift diff --git a/swift/extractor/BUILD.bazel b/swift/extractor/BUILD.bazel new file mode 100644 index 00000000000..2914ae0f35c --- /dev/null +++ b/swift/extractor/BUILD.bazel @@ -0,0 +1,20 @@ +alias( + name = "swift-llvm-support", + actual = select({ + "@bazel_tools//src/conditions:%s" % arch: "@swift_prebuilt_%s//:swift-llvm-support" % arch + for arch in ("linux", "darwin_x86_64", "darwin_arm64") + }), +) + +cc_binary( + name = "extractor", + srcs = ["main.cpp"], + target_compatible_with = select({ + "@platforms//os:linux": [], + "@platforms//os:macos": [], + "//conditions:default": ["@platforms//:incompatible"], + }), + visibility = ["//swift:__pkg__"], + deps = [":swift-llvm-support"], + features = ["-universal_binaries"], +) diff --git a/swift/extractor/BUILD.swift-prebuilt.bazel b/swift/extractor/BUILD.swift-prebuilt.bazel new file mode 100644 index 00000000000..09daff07f3d --- /dev/null +++ b/swift/extractor/BUILD.swift-prebuilt.bazel @@ -0,0 +1,28 @@ +cc_library( + name = "swift-llvm-support", + srcs = [ + "libCodeQLSwiftFrontendTool.a", + ] + select({ + "@platforms//os:linux": [ + "libCodeQLSwiftFrontendTool.so", + ], + "@platforms//os:macos": [ + "libCodeQLSwiftFrontendTool.dylib", + ], + }), + hdrs = glob(["include/**/*"]), + linkopts = [ + "-lm", + "-lz", + ] + select({ + "@platforms//os:linux": [ + "-luuid", + "-lrt", + "-lpthread", + "-ldl", + ], + "//conditions:default": [], + }), + strip_include_prefix = "include", + visibility = ["//visibility:public"], +) diff --git a/swift/extractor/main.cpp b/swift/extractor/main.cpp new file mode 100644 index 00000000000..3f40dd042b6 --- /dev/null +++ b/swift/extractor/main.cpp @@ -0,0 +1,17 @@ +#include +#include +#include + +#include + +int main(int argc, char** argv) { + PROGRAM_START(argc, argv); + if (auto trapDir = getenv("CODEQL_EXTRACTOR_SWIFT_TRAP_DIR")) { + std::string file = trapDir; + file += "/my_first.trap"; + if (std::ofstream out{file}) { + out << "answer_to_life_the_universe_and_everything(42)\n"; + } + } + return 0; +} diff --git a/swift/ql/lib/qlpack.yml b/swift/ql/lib/qlpack.yml new file mode 100644 index 00000000000..5a6a80d2a59 --- /dev/null +++ b/swift/ql/lib/qlpack.yml @@ -0,0 +1,5 @@ +name: codeql/swift-all +version: 0.0.0 +dbscheme: swift.dbscheme +extractor: swift +library: true diff --git a/swift/ql/lib/swift.dbscheme b/swift/ql/lib/swift.dbscheme new file mode 100644 index 00000000000..3022d88cce0 --- /dev/null +++ b/swift/ql/lib/swift.dbscheme @@ -0,0 +1,7 @@ +sourceLocationPrefix( + string prefix: string ref +); + +answer_to_life_the_universe_and_everything( + int answer: int ref +) diff --git a/swift/ql/lib/swift.dbscheme.stats b/swift/ql/lib/swift.dbscheme.stats new file mode 100644 index 00000000000..9995467e33e --- /dev/null +++ b/swift/ql/lib/swift.dbscheme.stats @@ -0,0 +1,4 @@ + + + + diff --git a/swift/ql/test/answer.expected b/swift/ql/test/answer.expected new file mode 100644 index 00000000000..862807c972c --- /dev/null +++ b/swift/ql/test/answer.expected @@ -0,0 +1 @@ +| 42 | diff --git a/swift/ql/test/answer.ql b/swift/ql/test/answer.ql new file mode 100644 index 00000000000..e8c6ceb7858 --- /dev/null +++ b/swift/ql/test/answer.ql @@ -0,0 +1,3 @@ +from int answer +where answer_to_life_the_universe_and_everything(answer) +select answer diff --git a/swift/ql/test/qlpack.yml b/swift/ql/test/qlpack.yml new file mode 100644 index 00000000000..de89e5c9ef8 --- /dev/null +++ b/swift/ql/test/qlpack.yml @@ -0,0 +1,6 @@ +name: codeql-swift-tests +version: 0.0.0 +dependencies: + codeql/swift-all: "*" +tests: . +extractor: swift diff --git a/swift/tools/create_extractor_pack.py b/swift/tools/create_extractor_pack.py new file mode 100644 index 00000000000..ce86a00ea2d --- /dev/null +++ b/swift/tools/create_extractor_pack.py @@ -0,0 +1,16 @@ +import os +import pathlib +import shutil +import sys +from swift._create_extractor_pack_install_script import main + +try: + workspace_dir = pathlib.Path(os.environ['BUILD_WORKSPACE_DIRECTORY']) +except KeyError: + print("this should be run with bazel run", file=sys.stderr) + sys.exit(1) + +dest_dir = workspace_dir / 'swift' / 'extractor-pack' +shutil.rmtree(dest_dir, ignore_errors=True) +os.environ['DESTDIR'] = str(dest_dir) +main(sys.argv) diff --git a/swift/tools/qltest.sh b/swift/tools/qltest.sh new file mode 100755 index 00000000000..1e9b098aa0e --- /dev/null +++ b/swift/tools/qltest.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +mkdir -p "$CODEQL_EXTRACTOR_SWIFT_TRAP_DIR" + +exec "$CODEQL_EXTRACTOR_SWIFT_ROOT/tools/$CODEQL_PLATFORM/extractor"