JS: now RegExp with unknown flags is not flagged as an issue within password Clear text storage of sensitive information

This commit is contained in:
Napalys
2024-11-27 17:14:10 +01:00
parent a2c46749c6
commit e673348ed3
3 changed files with 2 additions and 11 deletions


@@ -36,7 +36,7 @@ module CleartextLogging {
*/
class MaskingReplacer extends Barrier, StringReplaceCall {
MaskingReplacer() {
this.isGlobal() and
this.maybeGlobal() and
exists(this.getRawReplacement().getStringValue()) and
exists(DataFlow::RegExpCreationNode regexpObj |
this.(StringReplaceCall).getRegExp() = regexpObj and
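Review bot: The switch to `this.maybeGlobal()` on what appears to be the new side of the hunk deliberately treats a RegExp whose flags cannot be determined statically as a global replacement, which removes the false positive named in the commit title but also means a flag string computed at runtime that turns out to be non-global will be assumed to mask every character; that trade-off is not recorded next to the code. The class documentation ends at the `*/` just above `MaskingReplacer`, so a sentence there, or a line comment such as `// Unknown flags are assumed global so dynamically built RegExps are not reported; a non-global runtime flag value is then a false negative.`, would tell the next reader why `isGlobal()` was not kept. MaskingReplacer's characteristic predicate continues past the end of the hunk.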


@@ -143,10 +143,6 @@ nodes
| passwords.js:182:14:182:21 | password |
| passwords.js:182:14:182:51 | passwor ... ), "*") |
| passwords.js:182:14:182:51 | passwor ... ), "*") |
| passwords.js:183:14:183:21 | password |
| passwords.js:183:14:183:21 | password |
| passwords.js:183:14:183:67 | passwor ... ), "*") |
| passwords.js:183:14:183:67 | passwor ... ), "*") |
| passwords_in_browser1.js:2:13:2:20 | password |
| passwords_in_browser1.js:2:13:2:20 | password |
| passwords_in_browser1.js:2:13:2:20 | password |
@@ -297,10 +293,6 @@ edges
| passwords.js:182:14:182:21 | password | passwords.js:182:14:182:51 | passwor ... ), "*") |
| passwords.js:182:14:182:21 | password | passwords.js:182:14:182:51 | passwor ... ), "*") |
| passwords.js:182:14:182:21 | password | passwords.js:182:14:182:51 | passwor ... ), "*") |
| passwords.js:183:14:183:21 | password | passwords.js:183:14:183:67 | passwor ... ), "*") |
| passwords.js:183:14:183:21 | password | passwords.js:183:14:183:67 | passwor ... ), "*") |
| passwords.js:183:14:183:21 | password | passwords.js:183:14:183:67 | passwor ... ), "*") |
| passwords.js:183:14:183:21 | password | passwords.js:183:14:183:67 | passwor ... ), "*") |
| passwords_in_browser1.js:2:13:2:20 | password | passwords_in_browser1.js:2:13:2:20 | password |
| passwords_in_browser2.js:2:13:2:20 | password | passwords_in_browser2.js:2:13:2:20 | password |
| passwords_in_server_1.js:6:13:6:20 | password | passwords_in_server_1.js:6:13:6:20 | password |
@@ -349,7 +341,6 @@ edges
| passwords.js:173:17:173:26 | myPassword | passwords.js:173:17:173:26 | myPassword | passwords.js:173:17:173:26 | myPassword | This logs sensitive data returned by $@ as clear text. | passwords.js:173:17:173:26 | myPassword | an access to myPassword |
| passwords.js:176:17:176:26 | myPasscode | passwords.js:176:17:176:26 | myPasscode | passwords.js:176:17:176:26 | myPasscode | This logs sensitive data returned by $@ as clear text. | passwords.js:176:17:176:26 | myPasscode | an access to myPasscode |
| passwords.js:182:14:182:51 | passwor ... ), "*") | passwords.js:182:14:182:21 | password | passwords.js:182:14:182:51 | passwor ... ), "*") | This logs sensitive data returned by $@ as clear text. | passwords.js:182:14:182:21 | password | an access to password |
| passwords.js:183:14:183:67 | passwor ... ), "*") | passwords.js:183:14:183:21 | password | passwords.js:183:14:183:67 | passwor ... ), "*") | This logs sensitive data returned by $@ as clear text. | passwords.js:183:14:183:21 | password | an access to password |
| passwords_in_server_1.js:6:13:6:20 | password | passwords_in_server_1.js:6:13:6:20 | password | passwords_in_server_1.js:6:13:6:20 | password | This logs sensitive data returned by $@ as clear text. | passwords_in_server_1.js:6:13:6:20 | password | an access to password |
| passwords_in_server_2.js:3:13:3:20 | password | passwords_in_server_2.js:3:13:3:20 | password | passwords_in_server_2.js:3:13:3:20 | password | This logs sensitive data returned by $@ as clear text. | passwords_in_server_2.js:3:13:3:20 | password | an access to password |
| passwords_in_server_3.js:2:13:2:20 | password | passwords_in_server_3.js:2:13:2:20 | password | passwords_in_server_3.js:2:13:2:20 | password | This logs sensitive data returned by $@ as clear text. | passwords_in_server_3.js:2:13:2:20 | password | an access to password |


@@ -180,5 +180,5 @@ const debug = require('debug')('test');
console.log(password.replace(/./g, "*")); // OK
console.log(password.replace(new RegExp(".", "g"), "*")); // OK
console.log(password.replace(new RegExp("."), "*")); // NOT OK
console.log(password.replace(new RegExp(".", unknownFlags()), "*")); // OK -- Currently flagged, though maybe it should not be.
console.log(password.replace(new RegExp(".", unknownFlags()), "*")); // OK -- Most likely not a problem.
})();
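Review bot: The only case exercised for the relaxed matching is `new RegExp(".", unknownFlags())`, where the flag value is entirely opaque; unless the rest of the file already does so, a companion line with a statically known non-global flag string, for example `console.log(password.replace(new RegExp(".", "i"), "*")); // NOT OK`, would pin down that the relaxation applies only when the flags are unknown and that a known non-global RegExp is still reported, consistent with the `new RegExp(".")` case above. The `// OK -- Most likely not a problem.` wording states an expectation rather than the reason; `// OK -- flags are unknown, so the replacement is assumed to be global` says why the line is accepted. The enclosing IIFE starts outside the hunk.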