hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: polish FileAccessToHttp.ql

Browse Source
This commit is contained in:
Esben Sparre Andreasen
2018-10-05 12:04:21 +02:00
parent c064b1f41d
commit d261915598
2 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
javascript/ql/src/Security/CWE-200/FileAccessToHttp.ql
View File

@@ -1,6 +1,6 @@
/**
* @name File Access data flows to Http POST/PUT
* @description Writing data from file directly to http body or request header can be an indication to data exfiltration or unauthorized information disclosure.
* @name File data in outbound remote request
* @description Directly sending file data in an outbound remote request can indicate unauthorized information disclosure.
* @kind problem
* @problem.severity warning
* @id js/file-access-to-http
@@ -11,6 +11,6 @@
import javascript
import semmle.javascript.security.dataflow.FileAccessToHttp
from FileAccessToHttpDataFlow::Configuration config, DataFlow::Node src, DataFlow::Node sink
from FileAccessToHttp::Configuration config, DataFlow::Node src, DataFlow::Node sink
where config.hasFlow (src, sink)
select src, "$@ flows directly to Http request body", sink, "File access"
select sink, "$@ flows directly to outbound remote request", src, "File data"

16
javascript/ql/test/query-tests/Security/CWE-200/FileAccessToHttp.expected
View File

@@ -1,8 +1,8 @@
| bufferRead.js:12:22:12:43 | new Buf ... s.size) | $@ flows directly to Http request body | bufferRead.js:33:21:33:28 | postData | File access |
| googlecompiler.js:44:54:44:57 | data | $@ flows directly to Http request body | googlecompiler.js:38:18:38:26 | post_data | File access |
| readFileSync.js:5:12:5:39 | fs.read ... t.txt") | $@ flows directly to Http request body | readFileSync.js:26:18:26:18 | s | File access |
| readStreamRead.js:13:21:13:35 | readable.read() | $@ flows directly to Http request body | readStreamRead.js:30:19:30:23 | chunk | File access |
| request.js:28:52:28:55 | data | $@ flows directly to Http request body | request.js:8:11:8:20 | {jsonData} | File access |
| request.js:43:51:43:54 | data | $@ flows directly to Http request body | request.js:16:11:23:3 | {\\n u ... ody\\n } | File access |
| sentAsHeaders.js:10:79:10:84 | buffer | $@ flows directly to Http request body | sentAsHeaders.js:14:20:19:9 | {\\n ... } | File access |
| sentAsHeaders.js:10:79:10:84 | buffer | $@ flows directly to Http request body | sentAsHeaders.js:20:20:25:9 | {\\n ... } | File access |
| bufferRead.js:33:21:33:28 | postData | $@ flows directly to outbound remote request | bufferRead.js:12:22:12:43 | new Buf ... s.size) | File data |
| googlecompiler.js:38:18:38:26 | post_data | $@ flows directly to outbound remote request | googlecompiler.js:44:54:44:57 | data | File data |
| readFileSync.js:26:18:26:18 | s | $@ flows directly to outbound remote request | readFileSync.js:5:12:5:39 | fs.read ... t.txt") | File data |
| readStreamRead.js:30:19:30:23 | chunk | $@ flows directly to outbound remote request | readStreamRead.js:13:21:13:35 | readable.read() | File data |
| request.js:8:11:8:20 | {jsonData} | $@ flows directly to outbound remote request | request.js:28:52:28:55 | data | File data |
| request.js:16:11:23:3 | {\\n u ... ody\\n } | $@ flows directly to outbound remote request | request.js:43:51:43:54 | data | File data |
| sentAsHeaders.js:14:20:19:9 | {\\n ... } | $@ flows directly to outbound remote request | sentAsHeaders.js:10:79:10:84 | buffer | File data |
| sentAsHeaders.js:20:20:25:9 | {\\n ... } | $@ flows directly to outbound remote request | sentAsHeaders.js:10:79:10:84 | buffer | File data |