JS: Fix flow through +=

2026-04-28 02:05:14 +02:00 · 2019-04-05 13:55:48 +01:00
parent 15fa4f8b7a
commit e55330b820
7 changed files with 55 additions and 2 deletions
--- a/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
+++ b/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
@@ -1,3 +1,5 @@
+| addexpr.js:4:10:4:17 | source() | addexpr.js:7:8:7:8 | x |
+| addexpr.js:11:15:11:22 | source() | addexpr.js:21:8:21:12 | value |
 | advanced-callgraph.js:2:13:2:20 | source() | advanced-callgraph.js:6:22:6:22 | v |
 | callbacks.js:4:6:4:13 | source() | callbacks.js:34:27:34:27 | x |
 | callbacks.js:4:6:4:13 | source() | callbacks.js:35:27:35:27 | x |
--- a/javascript/ql/test/library-tests/TaintTracking/addexpr.js
+++ b/javascript/ql/test/library-tests/TaintTracking/addexpr.js
@@ -0,0 +1,22 @@
+function test1(b) {
+  let x = 'one';
+  if (b) {
+    x += source();
+  }
+  x += 'three';
+  sink(x); // NOT OK
+}
+
+function test2(x, foo) {
+  let taint = source();
+  let value = '';
+
+  sink(value); // OK
+
+  if (x) {
+    value += taint;
+  }
+  value += foo;
+
+  sink(value); // NOT OK
+}