hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 18:55:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Add o[o.length] = y taint step

Browse Source
This commit is contained in:
Asger Feldthaus
2021-01-23 10:07:00 +00:00
parent 51f489211b
commit bd3f6d1234
3 changed files with 17 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
View File

@@ -11,6 +11,7 @@ typeInferenceMismatch
| array-mutation.js:27:16:27:23 | source() | array-mutation.js:28:8:28:8 | g |
| array-mutation.js:31:33:31:40 | source() | array-mutation.js:32:8:32:8 | h |
| array-mutation.js:35:36:35:43 | source() | array-mutation.js:36:8:36:8 | i |
| array-mutation.js:39:17:39:24 | source() | array-mutation.js:40:8:40:8 | j |
| booleanOps.js:2:11:2:18 | source() | booleanOps.js:4:8:4:8 | x |
| booleanOps.js:2:11:2:18 | source() | booleanOps.js:13:10:13:10 | x |
| booleanOps.js:2:11:2:18 | source() | booleanOps.js:19:10:19:10 | x |

4
javascript/ql/test/library-tests/TaintTracking/array-mutation.js
View File

@@ -34,4 +34,8 @@ function test(x, y) {
let i = [];
Array.prototype.unshift.apply(i, source());
sink(i); // NOT OK
let j = [];
j[j.length] = source();
sink(j); // NOT OK
}