JS: Port LogInjection

Asger F
2023-10-04 21:45:44 +02:00
parent ae680e747b
commit e9189f965f
3 changed files with 106 additions and 140 deletions


@@ -22,7 +22,23 @@ abstract class Sanitizer extends DataFlow::Node { }
/**
* A taint-tracking configuration for untrusted user input used in log entries.
*/
class LogInjectionConfiguration extends TaintTracking::Configuration {
module LogInjectionConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof Source }
predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
}
/**
* Taint-tracking for untrusted user input used in log entries.
*/
module LogInjectionFlow = TaintTracking::Global<LogInjectionConfig>;
/**
* DEPRECATED. Use the `LogInjectionFlow` module instead.
*/
deprecated class LogInjectionConfiguration extends TaintTracking::Configuration {
LogInjectionConfiguration() { this = "LogInjection" }
override predicate isSource(DataFlow::Node source) { source instanceof Source }
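Review bot: The deprecated `LogInjectionConfiguration` class retained at the bottom of the hunk re-declares its own source/sink/sanitizer predicates instead of delegating to the new `LogInjectionConfig` module, so the two definitions can silently diverge the next time a `Source`, `Sink` or `Sanitizer` rule changes; the class body continues outside the hunk. Because the query file is now ported to `LogInjectionFlow`, such a divergence in the legacy class would presumably no longer be caught by the query's expected test output. Consider having the overrides delegate, e.g. `override predicate isSource(DataFlow::Node source) { LogInjectionConfig::isSource(source) }`, or at least extend the deprecation QLDoc with `* Kept for backwards compatibility only; keep its source, sink and sanitizer predicates in sync with LogInjectionConfig.`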


@@ -12,10 +12,10 @@
*/
import javascript
import DataFlow::PathGraph
import semmle.javascript.security.dataflow.LogInjectionQuery
import LogInjectionFlow::PathGraph
from LogInjectionConfiguration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
from LogInjectionFlow::PathNode source, LogInjectionFlow::PathNode sink
where LogInjectionFlow::flowPath(source, sink)
select sink.getNode(), source, sink, "Log entry depends on a $@.", source.getNode(),
"user-provided value"


@@ -1,126 +1,23 @@
nodes
| logInjectionBad.js:19:9:19:36 | q |
| logInjectionBad.js:19:13:19:36 | url.par ... , true) |
| logInjectionBad.js:19:23:19:29 | req.url |
| logInjectionBad.js:19:23:19:29 | req.url |
| logInjectionBad.js:20:9:20:35 | username |
| logInjectionBad.js:20:20:20:20 | q |
| logInjectionBad.js:20:20:20:26 | q.query |
| logInjectionBad.js:20:20:20:35 | q.query.username |
| logInjectionBad.js:22:18:22:43 | `[INFO] ... rname}` |
| logInjectionBad.js:22:18:22:43 | `[INFO] ... rname}` |
| logInjectionBad.js:22:34:22:41 | username |
| logInjectionBad.js:23:37:23:44 | username |
| logInjectionBad.js:23:37:23:44 | username |
| logInjectionBad.js:24:35:24:42 | username |
| logInjectionBad.js:24:35:24:42 | username |
| logInjectionBad.js:25:36:25:43 | username |
| logInjectionBad.js:25:36:25:43 | username |
| logInjectionBad.js:28:9:28:32 | exceptional return of check_u ... ername) |
| logInjectionBad.js:28:24:28:31 | username |
| logInjectionBad.js:29:14:29:18 | error |
| logInjectionBad.js:30:23:30:49 | `[ERROR ... rror}"` |
| logInjectionBad.js:30:23:30:49 | `[ERROR ... rror}"` |
| logInjectionBad.js:30:42:30:46 | error |
| logInjectionBad.js:46:9:46:36 | q |
| logInjectionBad.js:46:13:46:36 | url.par ... , true) |
| logInjectionBad.js:46:23:46:29 | req.url |
| logInjectionBad.js:46:23:46:29 | req.url |
| logInjectionBad.js:47:9:47:35 | username |
| logInjectionBad.js:47:20:47:20 | q |
| logInjectionBad.js:47:20:47:26 | q.query |
| logInjectionBad.js:47:20:47:35 | q.query.username |
| logInjectionBad.js:49:18:49:54 | ansiCol ... ername) |
| logInjectionBad.js:49:18:49:54 | ansiCol ... ername) |
| logInjectionBad.js:49:46:49:53 | username |
| logInjectionBad.js:50:18:50:47 | colors. ... ername) |
| logInjectionBad.js:50:18:50:47 | colors. ... ername) |
| logInjectionBad.js:50:39:50:46 | username |
| logInjectionBad.js:51:18:51:61 | wrapAns ... e), 20) |
| logInjectionBad.js:51:18:51:61 | wrapAns ... e), 20) |
| logInjectionBad.js:51:27:51:56 | colors. ... ername) |
| logInjectionBad.js:51:48:51:55 | username |
| logInjectionBad.js:52:17:52:47 | underli ... name))) |
| logInjectionBad.js:52:17:52:47 | underli ... name))) |
| logInjectionBad.js:52:27:52:46 | bold(blue(username)) |
| logInjectionBad.js:52:32:52:45 | blue(username) |
| logInjectionBad.js:52:37:52:44 | username |
| logInjectionBad.js:53:17:53:76 | highlig ... true}) |
| logInjectionBad.js:53:17:53:76 | highlig ... true}) |
| logInjectionBad.js:53:27:53:34 | username |
| logInjectionBad.js:54:17:54:51 | clc.red ... ername) |
| logInjectionBad.js:54:17:54:51 | clc.red ... ername) |
| logInjectionBad.js:54:43:54:50 | username |
| logInjectionBad.js:55:17:55:65 | sliceAn ... 20, 30) |
| logInjectionBad.js:55:17:55:65 | sliceAn ... 20, 30) |
| logInjectionBad.js:55:27:55:56 | colors. ... ername) |
| logInjectionBad.js:55:48:55:55 | username |
| logInjectionBad.js:56:17:56:55 | kleur.b ... ername) |
| logInjectionBad.js:56:17:56:55 | kleur.b ... ername) |
| logInjectionBad.js:56:47:56:54 | username |
| logInjectionBad.js:57:17:57:48 | chalk.u ... ername) |
| logInjectionBad.js:57:17:57:48 | chalk.u ... ername) |
| logInjectionBad.js:57:40:57:47 | username |
| logInjectionBad.js:58:17:58:59 | stripAn ... rname)) |
| logInjectionBad.js:58:17:58:59 | stripAn ... rname)) |
| logInjectionBad.js:58:27:58:58 | chalk.u ... ername) |
| logInjectionBad.js:58:50:58:57 | username |
| logInjectionBad.js:63:9:63:36 | q |
| logInjectionBad.js:63:13:63:36 | url.par ... , true) |
| logInjectionBad.js:63:23:63:29 | req.url |
| logInjectionBad.js:63:23:63:29 | req.url |
| logInjectionBad.js:64:9:64:35 | username |
| logInjectionBad.js:64:20:64:20 | q |
| logInjectionBad.js:64:20:64:26 | q.query |
| logInjectionBad.js:64:20:64:35 | q.query.username |
| logInjectionBad.js:66:17:66:43 | prettyj ... ername) |
| logInjectionBad.js:66:17:66:43 | prettyj ... ername) |
| logInjectionBad.js:66:35:66:42 | username |
| logInjectionBad.js:72:9:72:36 | q |
| logInjectionBad.js:72:13:72:36 | url.par ... , true) |
| logInjectionBad.js:72:23:72:29 | req.url |
| logInjectionBad.js:72:23:72:29 | req.url |
| logInjectionBad.js:73:9:73:35 | username |
| logInjectionBad.js:73:20:73:20 | q |
| logInjectionBad.js:73:20:73:26 | q.query |
| logInjectionBad.js:73:20:73:35 | q.query.username |
| logInjectionBad.js:75:15:75:22 | username |
| logInjectionBad.js:75:15:75:22 | username |
| logInjectionBad.js:82:30:82:37 | username |
| logInjectionBad.js:82:30:82:37 | username |
| logInjectionBad.js:91:26:91:33 | username |
| logInjectionBad.js:91:26:91:33 | username |
| logInjectionBad.js:99:26:99:33 | username |
| logInjectionBad.js:99:26:99:33 | username |
| logInjectionBad.js:113:37:113:44 | username |
| logInjectionBad.js:113:37:113:44 | username |
edges
| logInjectionBad.js:7:25:7:32 | username | logInjectionBad.js:8:38:8:45 | username |
| logInjectionBad.js:19:9:19:36 | q | logInjectionBad.js:20:20:20:20 | q |
| logInjectionBad.js:19:13:19:36 | url.par ... , true) | logInjectionBad.js:19:9:19:36 | q |
| logInjectionBad.js:19:23:19:29 | req.url | logInjectionBad.js:19:13:19:36 | url.par ... , true) |
| logInjectionBad.js:19:23:19:29 | req.url | logInjectionBad.js:19:13:19:36 | url.par ... , true) |
| logInjectionBad.js:20:9:20:35 | username | logInjectionBad.js:22:34:22:41 | username |
| logInjectionBad.js:20:9:20:35 | username | logInjectionBad.js:23:37:23:44 | username |
| logInjectionBad.js:20:9:20:35 | username | logInjectionBad.js:23:37:23:44 | username |
| logInjectionBad.js:20:9:20:35 | username | logInjectionBad.js:24:35:24:42 | username |
| logInjectionBad.js:20:9:20:35 | username | logInjectionBad.js:24:35:24:42 | username |
| logInjectionBad.js:20:9:20:35 | username | logInjectionBad.js:25:36:25:43 | username |
| logInjectionBad.js:20:9:20:35 | username | logInjectionBad.js:25:36:25:43 | username |
| logInjectionBad.js:20:9:20:35 | username | logInjectionBad.js:28:24:28:31 | username |
| logInjectionBad.js:20:20:20:20 | q | logInjectionBad.js:20:20:20:26 | q.query |
| logInjectionBad.js:20:20:20:26 | q.query | logInjectionBad.js:20:20:20:35 | q.query.username |
| logInjectionBad.js:20:20:20:35 | q.query.username | logInjectionBad.js:20:9:20:35 | username |
| logInjectionBad.js:22:34:22:41 | username | logInjectionBad.js:22:18:22:43 | `[INFO] ... rname}` |
| logInjectionBad.js:20:20:20:20 | q | logInjectionBad.js:20:9:20:35 | username |
| logInjectionBad.js:22:34:22:41 | username | logInjectionBad.js:22:18:22:43 | `[INFO] ... rname}` |
| logInjectionBad.js:28:9:28:32 | exceptional return of check_u ... ername) | logInjectionBad.js:29:14:29:18 | error |
| logInjectionBad.js:28:24:28:31 | username | logInjectionBad.js:7:25:7:32 | username |
| logInjectionBad.js:28:24:28:31 | username | logInjectionBad.js:28:9:28:32 | exceptional return of check_u ... ername) |
| logInjectionBad.js:29:14:29:18 | error | logInjectionBad.js:30:42:30:46 | error |
| logInjectionBad.js:30:42:30:46 | error | logInjectionBad.js:30:23:30:49 | `[ERROR ... rror}"` |
| logInjectionBad.js:30:42:30:46 | error | logInjectionBad.js:30:23:30:49 | `[ERROR ... rror}"` |
| logInjectionBad.js:46:9:46:36 | q | logInjectionBad.js:47:20:47:20 | q |
| logInjectionBad.js:46:13:46:36 | url.par ... , true) | logInjectionBad.js:46:9:46:36 | q |
| logInjectionBad.js:46:23:46:29 | req.url | logInjectionBad.js:46:13:46:36 | url.par ... , true) |
| logInjectionBad.js:46:23:46:29 | req.url | logInjectionBad.js:46:13:46:36 | url.par ... , true) |
| logInjectionBad.js:47:9:47:35 | username | logInjectionBad.js:49:46:49:53 | username |
| logInjectionBad.js:47:9:47:35 | username | logInjectionBad.js:50:39:50:46 | username |
| logInjectionBad.js:47:9:47:35 | username | logInjectionBad.js:51:48:51:55 | username |
@@ -131,61 +28,114 @@ edges
| logInjectionBad.js:47:9:47:35 | username | logInjectionBad.js:56:47:56:54 | username |
| logInjectionBad.js:47:9:47:35 | username | logInjectionBad.js:57:40:57:47 | username |
| logInjectionBad.js:47:9:47:35 | username | logInjectionBad.js:58:50:58:57 | username |
| logInjectionBad.js:47:20:47:20 | q | logInjectionBad.js:47:20:47:26 | q.query |
| logInjectionBad.js:47:20:47:26 | q.query | logInjectionBad.js:47:20:47:35 | q.query.username |
| logInjectionBad.js:47:20:47:35 | q.query.username | logInjectionBad.js:47:9:47:35 | username |
| logInjectionBad.js:49:46:49:53 | username | logInjectionBad.js:49:18:49:54 | ansiCol ... ername) |
| logInjectionBad.js:47:20:47:20 | q | logInjectionBad.js:47:9:47:35 | username |
| logInjectionBad.js:49:46:49:53 | username | logInjectionBad.js:49:18:49:54 | ansiCol ... ername) |
| logInjectionBad.js:50:39:50:46 | username | logInjectionBad.js:50:18:50:47 | colors. ... ername) |
| logInjectionBad.js:50:39:50:46 | username | logInjectionBad.js:50:18:50:47 | colors. ... ername) |
| logInjectionBad.js:51:27:51:56 | colors. ... ername) | logInjectionBad.js:51:18:51:61 | wrapAns ... e), 20) |
| logInjectionBad.js:51:27:51:56 | colors. ... ername) | logInjectionBad.js:51:18:51:61 | wrapAns ... e), 20) |
| logInjectionBad.js:51:48:51:55 | username | logInjectionBad.js:51:27:51:56 | colors. ... ername) |
| logInjectionBad.js:52:27:52:46 | bold(blue(username)) | logInjectionBad.js:52:17:52:47 | underli ... name))) |
| logInjectionBad.js:52:27:52:46 | bold(blue(username)) | logInjectionBad.js:52:17:52:47 | underli ... name))) |
| logInjectionBad.js:52:32:52:45 | blue(username) | logInjectionBad.js:52:27:52:46 | bold(blue(username)) |
| logInjectionBad.js:52:37:52:44 | username | logInjectionBad.js:52:32:52:45 | blue(username) |
| logInjectionBad.js:53:27:53:34 | username | logInjectionBad.js:53:17:53:76 | highlig ... true}) |
| logInjectionBad.js:53:27:53:34 | username | logInjectionBad.js:53:17:53:76 | highlig ... true}) |
| logInjectionBad.js:54:43:54:50 | username | logInjectionBad.js:54:17:54:51 | clc.red ... ername) |
| logInjectionBad.js:54:43:54:50 | username | logInjectionBad.js:54:17:54:51 | clc.red ... ername) |
| logInjectionBad.js:55:27:55:56 | colors. ... ername) | logInjectionBad.js:55:17:55:65 | sliceAn ... 20, 30) |
| logInjectionBad.js:55:27:55:56 | colors. ... ername) | logInjectionBad.js:55:17:55:65 | sliceAn ... 20, 30) |
| logInjectionBad.js:55:48:55:55 | username | logInjectionBad.js:55:27:55:56 | colors. ... ername) |
| logInjectionBad.js:56:47:56:54 | username | logInjectionBad.js:56:17:56:55 | kleur.b ... ername) |
| logInjectionBad.js:56:47:56:54 | username | logInjectionBad.js:56:17:56:55 | kleur.b ... ername) |
| logInjectionBad.js:57:40:57:47 | username | logInjectionBad.js:57:17:57:48 | chalk.u ... ername) |
| logInjectionBad.js:57:40:57:47 | username | logInjectionBad.js:57:17:57:48 | chalk.u ... ername) |
| logInjectionBad.js:58:27:58:58 | chalk.u ... ername) | logInjectionBad.js:58:17:58:59 | stripAn ... rname)) |
| logInjectionBad.js:58:27:58:58 | chalk.u ... ername) | logInjectionBad.js:58:17:58:59 | stripAn ... rname)) |
| logInjectionBad.js:58:50:58:57 | username | logInjectionBad.js:58:27:58:58 | chalk.u ... ername) |
| logInjectionBad.js:63:9:63:36 | q | logInjectionBad.js:64:20:64:20 | q |
| logInjectionBad.js:63:13:63:36 | url.par ... , true) | logInjectionBad.js:63:9:63:36 | q |
| logInjectionBad.js:63:23:63:29 | req.url | logInjectionBad.js:63:13:63:36 | url.par ... , true) |
| logInjectionBad.js:63:23:63:29 | req.url | logInjectionBad.js:63:13:63:36 | url.par ... , true) |
| logInjectionBad.js:64:9:64:35 | username | logInjectionBad.js:66:35:66:42 | username |
| logInjectionBad.js:64:20:64:20 | q | logInjectionBad.js:64:20:64:26 | q.query |
| logInjectionBad.js:64:20:64:26 | q.query | logInjectionBad.js:64:20:64:35 | q.query.username |
| logInjectionBad.js:64:20:64:35 | q.query.username | logInjectionBad.js:64:9:64:35 | username |
| logInjectionBad.js:66:35:66:42 | username | logInjectionBad.js:66:17:66:43 | prettyj ... ername) |
| logInjectionBad.js:64:20:64:20 | q | logInjectionBad.js:64:9:64:35 | username |
| logInjectionBad.js:66:35:66:42 | username | logInjectionBad.js:66:17:66:43 | prettyj ... ername) |
| logInjectionBad.js:72:9:72:36 | q | logInjectionBad.js:73:20:73:20 | q |
| logInjectionBad.js:72:13:72:36 | url.par ... , true) | logInjectionBad.js:72:9:72:36 | q |
| logInjectionBad.js:72:23:72:29 | req.url | logInjectionBad.js:72:13:72:36 | url.par ... , true) |
| logInjectionBad.js:72:23:72:29 | req.url | logInjectionBad.js:72:13:72:36 | url.par ... , true) |
| logInjectionBad.js:73:9:73:35 | username | logInjectionBad.js:75:15:75:22 | username |
| logInjectionBad.js:73:9:73:35 | username | logInjectionBad.js:75:15:75:22 | username |
| logInjectionBad.js:73:9:73:35 | username | logInjectionBad.js:82:30:82:37 | username |
| logInjectionBad.js:73:9:73:35 | username | logInjectionBad.js:82:30:82:37 | username |
| logInjectionBad.js:73:9:73:35 | username | logInjectionBad.js:91:26:91:33 | username |
| logInjectionBad.js:73:9:73:35 | username | logInjectionBad.js:91:26:91:33 | username |
| logInjectionBad.js:73:9:73:35 | username | logInjectionBad.js:99:26:99:33 | username |
| logInjectionBad.js:73:9:73:35 | username | logInjectionBad.js:99:26:99:33 | username |
| logInjectionBad.js:73:9:73:35 | username | logInjectionBad.js:113:37:113:44 | username |
| logInjectionBad.js:73:9:73:35 | username | logInjectionBad.js:113:37:113:44 | username |
| logInjectionBad.js:73:20:73:20 | q | logInjectionBad.js:73:20:73:26 | q.query |
| logInjectionBad.js:73:20:73:26 | q.query | logInjectionBad.js:73:20:73:35 | q.query.username |
| logInjectionBad.js:73:20:73:35 | q.query.username | logInjectionBad.js:73:9:73:35 | username |
| logInjectionBad.js:73:20:73:20 | q | logInjectionBad.js:73:9:73:35 | username |
| logInjectionBad.js:75:15:75:22 | username | logInjectionBad.js:77:5:85:5 | functio ... ;\\n } [username] |
| logInjectionBad.js:75:15:75:22 | username | logInjectionBad.js:87:5:94:5 | functio ... ;\\n } [username] |
| logInjectionBad.js:75:15:75:22 | username | logInjectionBad.js:96:5:103:5 | functio ... ;\\n } [username] |
| logInjectionBad.js:75:15:75:22 | username | logInjectionBad.js:105:5:118:5 | functio ... ;\\n } [username] |
| logInjectionBad.js:77:5:85:5 | functio ... ;\\n } [username] | logInjectionBad.js:82:30:82:37 | username |
| logInjectionBad.js:87:5:94:5 | functio ... ;\\n } [username] | logInjectionBad.js:91:26:91:33 | username |
| logInjectionBad.js:96:5:103:5 | functio ... ;\\n } [username] | logInjectionBad.js:99:26:99:33 | username |
| logInjectionBad.js:105:5:118:5 | functio ... ;\\n } [username] | logInjectionBad.js:113:37:113:44 | username |
nodes
| logInjectionBad.js:7:25:7:32 | username | semmle.label | username |
| logInjectionBad.js:8:38:8:45 | username | semmle.label | username |
| logInjectionBad.js:19:9:19:36 | q | semmle.label | q |
| logInjectionBad.js:19:13:19:36 | url.par ... , true) | semmle.label | url.par ... , true) |
| logInjectionBad.js:19:23:19:29 | req.url | semmle.label | req.url |
| logInjectionBad.js:20:9:20:35 | username | semmle.label | username |
| logInjectionBad.js:20:20:20:20 | q | semmle.label | q |
| logInjectionBad.js:22:18:22:43 | `[INFO] ... rname}` | semmle.label | `[INFO] ... rname}` |
| logInjectionBad.js:22:34:22:41 | username | semmle.label | username |
| logInjectionBad.js:23:37:23:44 | username | semmle.label | username |
| logInjectionBad.js:24:35:24:42 | username | semmle.label | username |
| logInjectionBad.js:25:36:25:43 | username | semmle.label | username |
| logInjectionBad.js:28:9:28:32 | exceptional return of check_u ... ername) | semmle.label | exceptional return of check_u ... ername) |
| logInjectionBad.js:28:24:28:31 | username | semmle.label | username |
| logInjectionBad.js:29:14:29:18 | error | semmle.label | error |
| logInjectionBad.js:30:23:30:49 | `[ERROR ... rror}"` | semmle.label | `[ERROR ... rror}"` |
| logInjectionBad.js:30:42:30:46 | error | semmle.label | error |
| logInjectionBad.js:46:9:46:36 | q | semmle.label | q |
| logInjectionBad.js:46:13:46:36 | url.par ... , true) | semmle.label | url.par ... , true) |
| logInjectionBad.js:46:23:46:29 | req.url | semmle.label | req.url |
| logInjectionBad.js:47:9:47:35 | username | semmle.label | username |
| logInjectionBad.js:47:20:47:20 | q | semmle.label | q |
| logInjectionBad.js:49:18:49:54 | ansiCol ... ername) | semmle.label | ansiCol ... ername) |
| logInjectionBad.js:49:46:49:53 | username | semmle.label | username |
| logInjectionBad.js:50:18:50:47 | colors. ... ername) | semmle.label | colors. ... ername) |
| logInjectionBad.js:50:39:50:46 | username | semmle.label | username |
| logInjectionBad.js:51:18:51:61 | wrapAns ... e), 20) | semmle.label | wrapAns ... e), 20) |
| logInjectionBad.js:51:27:51:56 | colors. ... ername) | semmle.label | colors. ... ername) |
| logInjectionBad.js:51:48:51:55 | username | semmle.label | username |
| logInjectionBad.js:52:17:52:47 | underli ... name))) | semmle.label | underli ... name))) |
| logInjectionBad.js:52:27:52:46 | bold(blue(username)) | semmle.label | bold(blue(username)) |
| logInjectionBad.js:52:32:52:45 | blue(username) | semmle.label | blue(username) |
| logInjectionBad.js:52:37:52:44 | username | semmle.label | username |
| logInjectionBad.js:53:17:53:76 | highlig ... true}) | semmle.label | highlig ... true}) |
| logInjectionBad.js:53:27:53:34 | username | semmle.label | username |
| logInjectionBad.js:54:17:54:51 | clc.red ... ername) | semmle.label | clc.red ... ername) |
| logInjectionBad.js:54:43:54:50 | username | semmle.label | username |
| logInjectionBad.js:55:17:55:65 | sliceAn ... 20, 30) | semmle.label | sliceAn ... 20, 30) |
| logInjectionBad.js:55:27:55:56 | colors. ... ername) | semmle.label | colors. ... ername) |
| logInjectionBad.js:55:48:55:55 | username | semmle.label | username |
| logInjectionBad.js:56:17:56:55 | kleur.b ... ername) | semmle.label | kleur.b ... ername) |
| logInjectionBad.js:56:47:56:54 | username | semmle.label | username |
| logInjectionBad.js:57:17:57:48 | chalk.u ... ername) | semmle.label | chalk.u ... ername) |
| logInjectionBad.js:57:40:57:47 | username | semmle.label | username |
| logInjectionBad.js:58:17:58:59 | stripAn ... rname)) | semmle.label | stripAn ... rname)) |
| logInjectionBad.js:58:27:58:58 | chalk.u ... ername) | semmle.label | chalk.u ... ername) |
| logInjectionBad.js:58:50:58:57 | username | semmle.label | username |
| logInjectionBad.js:63:9:63:36 | q | semmle.label | q |
| logInjectionBad.js:63:13:63:36 | url.par ... , true) | semmle.label | url.par ... , true) |
| logInjectionBad.js:63:23:63:29 | req.url | semmle.label | req.url |
| logInjectionBad.js:64:9:64:35 | username | semmle.label | username |
| logInjectionBad.js:64:20:64:20 | q | semmle.label | q |
| logInjectionBad.js:66:17:66:43 | prettyj ... ername) | semmle.label | prettyj ... ername) |
| logInjectionBad.js:66:35:66:42 | username | semmle.label | username |
| logInjectionBad.js:72:9:72:36 | q | semmle.label | q |
| logInjectionBad.js:72:13:72:36 | url.par ... , true) | semmle.label | url.par ... , true) |
| logInjectionBad.js:72:23:72:29 | req.url | semmle.label | req.url |
| logInjectionBad.js:73:9:73:35 | username | semmle.label | username |
| logInjectionBad.js:73:20:73:20 | q | semmle.label | q |
| logInjectionBad.js:75:15:75:22 | username | semmle.label | username |
| logInjectionBad.js:75:15:75:22 | username | semmle.label | username |
| logInjectionBad.js:77:5:85:5 | functio ... ;\\n } [username] | semmle.label | functio ... ;\\n } [username] |
| logInjectionBad.js:82:30:82:37 | username | semmle.label | username |
| logInjectionBad.js:87:5:94:5 | functio ... ;\\n } [username] | semmle.label | functio ... ;\\n } [username] |
| logInjectionBad.js:91:26:91:33 | username | semmle.label | username |
| logInjectionBad.js:96:5:103:5 | functio ... ;\\n } [username] | semmle.label | functio ... ;\\n } [username] |
| logInjectionBad.js:99:26:99:33 | username | semmle.label | username |
| logInjectionBad.js:105:5:118:5 | functio ... ;\\n } [username] | semmle.label | functio ... ;\\n } [username] |
| logInjectionBad.js:113:37:113:44 | username | semmle.label | username |
subpaths
| logInjectionBad.js:28:24:28:31 | username | logInjectionBad.js:7:25:7:32 | username | logInjectionBad.js:8:38:8:45 | username | logInjectionBad.js:28:9:28:32 | exceptional return of check_u ... ername) |
#select
| logInjectionBad.js:22:18:22:43 | `[INFO] ... rname}` | logInjectionBad.js:19:23:19:29 | req.url | logInjectionBad.js:22:18:22:43 | `[INFO] ... rname}` | Log entry depends on a $@. | logInjectionBad.js:19:23:19:29 | req.url | user-provided value |
| logInjectionBad.js:23:37:23:44 | username | logInjectionBad.js:19:23:19:29 | req.url | logInjectionBad.js:23:37:23:44 | username | Log entry depends on a $@. | logInjectionBad.js:19:23:19:29 | req.url | user-provided value |