hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 19:55:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Add consistency test

Browse Source
This commit is contained in:
Asger Feldthaus
2022-02-16 09:32:59 +01:00
parent 3103cfd925
commit cf66d01e80
2 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/test/query-tests/Security/CWE-918/Consistency.expected Normal file
View File

@@ -0,0 +1,2 @@
consistencyIssue
resultInWrongFile

17
javascript/ql/test/query-tests/Security/CWE-918/Consistency.ql Normal file
View File

@@ -0,0 +1,17 @@
import javascript
import semmle.javascript.security.dataflow.RequestForgeryQuery as RequestForgery
import semmle.javascript.security.dataflow.ClientSideRequestForgeryQuery as ClientSideRequestForgery
import testUtilities.ConsistencyChecking
query predicate resultInWrongFile(DataFlow::Node node) {
exists(DataFlow::Configuration cfg, string filePattern |
cfg instanceof RequestForgery::Configuration and
filePattern = ".*serverSide.*"
or
cfg instanceof ClientSideRequestForgery::Configuration and
filePattern = ".*clientSide.*"
|
cfg.hasFlow(_, node) and
not node.getFile().getRelativePath().regexpMatch(filePattern)
)
}