add taint step through the cli-highlight library

This commit is contained in:
Erik Krogh Kristensen
2021-06-22 23:06:50 +02:00
parent d114cdc6e5
commit ec9c885908
4 changed files with 74 additions and 50 deletions


@@ -22,29 +22,32 @@ nodes
| logInjectionBad.js:30:23:30:49 | `[ERROR ... rror}"` |
| logInjectionBad.js:30:23:30:49 | `[ERROR ... rror}"` |
| logInjectionBad.js:30:42:30:46 | error |
| logInjectionBad.js:40:9:40:36 | q |
| logInjectionBad.js:40:13:40:36 | url.par ... , true) |
| logInjectionBad.js:40:23:40:29 | req.url |
| logInjectionBad.js:40:23:40:29 | req.url |
| logInjectionBad.js:41:9:41:35 | username |
| logInjectionBad.js:41:20:41:20 | q |
| logInjectionBad.js:41:20:41:26 | q.query |
| logInjectionBad.js:41:20:41:35 | q.query.username |
| logInjectionBad.js:43:18:43:54 | ansiCol ... ername) |
| logInjectionBad.js:43:18:43:54 | ansiCol ... ername) |
| logInjectionBad.js:43:46:43:53 | username |
| logInjectionBad.js:44:18:44:47 | colors. ... ername) |
| logInjectionBad.js:44:18:44:47 | colors. ... ername) |
| logInjectionBad.js:44:39:44:46 | username |
| logInjectionBad.js:45:18:45:61 | wrapAns ... e), 20) |
| logInjectionBad.js:45:18:45:61 | wrapAns ... e), 20) |
| logInjectionBad.js:45:27:45:56 | colors. ... ername) |
| logInjectionBad.js:45:48:45:55 | username |
| logInjectionBad.js:46:17:46:47 | underli ... name))) |
| logInjectionBad.js:46:17:46:47 | underli ... name))) |
| logInjectionBad.js:46:27:46:46 | bold(blue(username)) |
| logInjectionBad.js:46:32:46:45 | blue(username) |
| logInjectionBad.js:46:37:46:44 | username |
| logInjectionBad.js:41:9:41:36 | q |
| logInjectionBad.js:41:13:41:36 | url.par ... , true) |
| logInjectionBad.js:41:23:41:29 | req.url |
| logInjectionBad.js:41:23:41:29 | req.url |
| logInjectionBad.js:42:9:42:35 | username |
| logInjectionBad.js:42:20:42:20 | q |
| logInjectionBad.js:42:20:42:26 | q.query |
| logInjectionBad.js:42:20:42:35 | q.query.username |
| logInjectionBad.js:44:18:44:54 | ansiCol ... ername) |
| logInjectionBad.js:44:18:44:54 | ansiCol ... ername) |
| logInjectionBad.js:44:46:44:53 | username |
| logInjectionBad.js:45:18:45:47 | colors. ... ername) |
| logInjectionBad.js:45:18:45:47 | colors. ... ername) |
| logInjectionBad.js:45:39:45:46 | username |
| logInjectionBad.js:46:18:46:61 | wrapAns ... e), 20) |
| logInjectionBad.js:46:18:46:61 | wrapAns ... e), 20) |
| logInjectionBad.js:46:27:46:56 | colors. ... ername) |
| logInjectionBad.js:46:48:46:55 | username |
| logInjectionBad.js:47:17:47:47 | underli ... name))) |
| logInjectionBad.js:47:17:47:47 | underli ... name))) |
| logInjectionBad.js:47:27:47:46 | bold(blue(username)) |
| logInjectionBad.js:47:32:47:45 | blue(username) |
| logInjectionBad.js:47:37:47:44 | username |
| logInjectionBad.js:48:17:48:76 | highlig ... true}) |
| logInjectionBad.js:48:17:48:76 | highlig ... true}) |
| logInjectionBad.js:48:27:48:34 | username |
edges
| logInjectionBad.js:19:9:19:36 | q | logInjectionBad.js:20:20:20:20 | q |
| logInjectionBad.js:19:13:19:36 | url.par ... , true) | logInjectionBad.js:19:9:19:36 | q |
@@ -68,35 +71,39 @@ edges
| logInjectionBad.js:29:14:29:18 | error | logInjectionBad.js:30:42:30:46 | error |
| logInjectionBad.js:30:42:30:46 | error | logInjectionBad.js:30:23:30:49 | `[ERROR ... rror}"` |
| logInjectionBad.js:30:42:30:46 | error | logInjectionBad.js:30:23:30:49 | `[ERROR ... rror}"` |
| logInjectionBad.js:40:9:40:36 | q | logInjectionBad.js:41:20:41:20 | q |
| logInjectionBad.js:40:13:40:36 | url.par ... , true) | logInjectionBad.js:40:9:40:36 | q |
| logInjectionBad.js:40:23:40:29 | req.url | logInjectionBad.js:40:13:40:36 | url.par ... , true) |
| logInjectionBad.js:40:23:40:29 | req.url | logInjectionBad.js:40:13:40:36 | url.par ... , true) |
| logInjectionBad.js:41:9:41:35 | username | logInjectionBad.js:43:46:43:53 | username |
| logInjectionBad.js:41:9:41:35 | username | logInjectionBad.js:44:39:44:46 | username |
| logInjectionBad.js:41:9:41:35 | username | logInjectionBad.js:45:48:45:55 | username |
| logInjectionBad.js:41:9:41:35 | username | logInjectionBad.js:46:37:46:44 | username |
| logInjectionBad.js:41:20:41:20 | q | logInjectionBad.js:41:20:41:26 | q.query |
| logInjectionBad.js:41:20:41:26 | q.query | logInjectionBad.js:41:20:41:35 | q.query.username |
| logInjectionBad.js:41:20:41:35 | q.query.username | logInjectionBad.js:41:9:41:35 | username |
| logInjectionBad.js:43:46:43:53 | username | logInjectionBad.js:43:18:43:54 | ansiCol ... ername) |
| logInjectionBad.js:43:46:43:53 | username | logInjectionBad.js:43:18:43:54 | ansiCol ... ername) |
| logInjectionBad.js:44:39:44:46 | username | logInjectionBad.js:44:18:44:47 | colors. ... ername) |
| logInjectionBad.js:44:39:44:46 | username | logInjectionBad.js:44:18:44:47 | colors. ... ername) |
| logInjectionBad.js:45:27:45:56 | colors. ... ername) | logInjectionBad.js:45:18:45:61 | wrapAns ... e), 20) |
| logInjectionBad.js:45:27:45:56 | colors. ... ername) | logInjectionBad.js:45:18:45:61 | wrapAns ... e), 20) |
| logInjectionBad.js:45:48:45:55 | username | logInjectionBad.js:45:27:45:56 | colors. ... ername) |
| logInjectionBad.js:46:27:46:46 | bold(blue(username)) | logInjectionBad.js:46:17:46:47 | underli ... name))) |
| logInjectionBad.js:46:27:46:46 | bold(blue(username)) | logInjectionBad.js:46:17:46:47 | underli ... name))) |
| logInjectionBad.js:46:32:46:45 | blue(username) | logInjectionBad.js:46:27:46:46 | bold(blue(username)) |
| logInjectionBad.js:46:37:46:44 | username | logInjectionBad.js:46:32:46:45 | blue(username) |
| logInjectionBad.js:41:9:41:36 | q | logInjectionBad.js:42:20:42:20 | q |
| logInjectionBad.js:41:13:41:36 | url.par ... , true) | logInjectionBad.js:41:9:41:36 | q |
| logInjectionBad.js:41:23:41:29 | req.url | logInjectionBad.js:41:13:41:36 | url.par ... , true) |
| logInjectionBad.js:41:23:41:29 | req.url | logInjectionBad.js:41:13:41:36 | url.par ... , true) |
| logInjectionBad.js:42:9:42:35 | username | logInjectionBad.js:44:46:44:53 | username |
| logInjectionBad.js:42:9:42:35 | username | logInjectionBad.js:45:39:45:46 | username |
| logInjectionBad.js:42:9:42:35 | username | logInjectionBad.js:46:48:46:55 | username |
| logInjectionBad.js:42:9:42:35 | username | logInjectionBad.js:47:37:47:44 | username |
| logInjectionBad.js:42:9:42:35 | username | logInjectionBad.js:48:27:48:34 | username |
| logInjectionBad.js:42:20:42:20 | q | logInjectionBad.js:42:20:42:26 | q.query |
| logInjectionBad.js:42:20:42:26 | q.query | logInjectionBad.js:42:20:42:35 | q.query.username |
| logInjectionBad.js:42:20:42:35 | q.query.username | logInjectionBad.js:42:9:42:35 | username |
| logInjectionBad.js:44:46:44:53 | username | logInjectionBad.js:44:18:44:54 | ansiCol ... ername) |
| logInjectionBad.js:44:46:44:53 | username | logInjectionBad.js:44:18:44:54 | ansiCol ... ername) |
| logInjectionBad.js:45:39:45:46 | username | logInjectionBad.js:45:18:45:47 | colors. ... ername) |
| logInjectionBad.js:45:39:45:46 | username | logInjectionBad.js:45:18:45:47 | colors. ... ername) |
| logInjectionBad.js:46:27:46:56 | colors. ... ername) | logInjectionBad.js:46:18:46:61 | wrapAns ... e), 20) |
| logInjectionBad.js:46:27:46:56 | colors. ... ername) | logInjectionBad.js:46:18:46:61 | wrapAns ... e), 20) |
| logInjectionBad.js:46:48:46:55 | username | logInjectionBad.js:46:27:46:56 | colors. ... ername) |
| logInjectionBad.js:47:27:47:46 | bold(blue(username)) | logInjectionBad.js:47:17:47:47 | underli ... name))) |
| logInjectionBad.js:47:27:47:46 | bold(blue(username)) | logInjectionBad.js:47:17:47:47 | underli ... name))) |
| logInjectionBad.js:47:32:47:45 | blue(username) | logInjectionBad.js:47:27:47:46 | bold(blue(username)) |
| logInjectionBad.js:47:37:47:44 | username | logInjectionBad.js:47:32:47:45 | blue(username) |
| logInjectionBad.js:48:27:48:34 | username | logInjectionBad.js:48:17:48:76 | highlig ... true}) |
| logInjectionBad.js:48:27:48:34 | username | logInjectionBad.js:48:17:48:76 | highlig ... true}) |
#select
| logInjectionBad.js:22:18:22:43 | `[INFO] ... rname}` | logInjectionBad.js:19:23:19:29 | req.url | logInjectionBad.js:22:18:22:43 | `[INFO] ... rname}` | $@ flows to log entry. | logInjectionBad.js:19:23:19:29 | req.url | User-provided value |
| logInjectionBad.js:23:37:23:44 | username | logInjectionBad.js:19:23:19:29 | req.url | logInjectionBad.js:23:37:23:44 | username | $@ flows to log entry. | logInjectionBad.js:19:23:19:29 | req.url | User-provided value |
| logInjectionBad.js:24:35:24:42 | username | logInjectionBad.js:19:23:19:29 | req.url | logInjectionBad.js:24:35:24:42 | username | $@ flows to log entry. | logInjectionBad.js:19:23:19:29 | req.url | User-provided value |
| logInjectionBad.js:25:36:25:43 | username | logInjectionBad.js:19:23:19:29 | req.url | logInjectionBad.js:25:36:25:43 | username | $@ flows to log entry. | logInjectionBad.js:19:23:19:29 | req.url | User-provided value |
| logInjectionBad.js:30:23:30:49 | `[ERROR ... rror}"` | logInjectionBad.js:19:23:19:29 | req.url | logInjectionBad.js:30:23:30:49 | `[ERROR ... rror}"` | $@ flows to log entry. | logInjectionBad.js:19:23:19:29 | req.url | User-provided value |
| logInjectionBad.js:43:18:43:54 | ansiCol ... ername) | logInjectionBad.js:40:23:40:29 | req.url | logInjectionBad.js:43:18:43:54 | ansiCol ... ername) | $@ flows to log entry. | logInjectionBad.js:40:23:40:29 | req.url | User-provided value |
| logInjectionBad.js:44:18:44:47 | colors. ... ername) | logInjectionBad.js:40:23:40:29 | req.url | logInjectionBad.js:44:18:44:47 | colors. ... ername) | $@ flows to log entry. | logInjectionBad.js:40:23:40:29 | req.url | User-provided value |
| logInjectionBad.js:45:18:45:61 | wrapAns ... e), 20) | logInjectionBad.js:40:23:40:29 | req.url | logInjectionBad.js:45:18:45:61 | wrapAns ... e), 20) | $@ flows to log entry. | logInjectionBad.js:40:23:40:29 | req.url | User-provided value |
| logInjectionBad.js:46:17:46:47 | underli ... name))) | logInjectionBad.js:40:23:40:29 | req.url | logInjectionBad.js:46:17:46:47 | underli ... name))) | $@ flows to log entry. | logInjectionBad.js:40:23:40:29 | req.url | User-provided value |
| logInjectionBad.js:44:18:44:54 | ansiCol ... ername) | logInjectionBad.js:41:23:41:29 | req.url | logInjectionBad.js:44:18:44:54 | ansiCol ... ername) | $@ flows to log entry. | logInjectionBad.js:41:23:41:29 | req.url | User-provided value |
| logInjectionBad.js:45:18:45:47 | colors. ... ername) | logInjectionBad.js:41:23:41:29 | req.url | logInjectionBad.js:45:18:45:47 | colors. ... ername) | $@ flows to log entry. | logInjectionBad.js:41:23:41:29 | req.url | User-provided value |
| logInjectionBad.js:46:18:46:61 | wrapAns ... e), 20) | logInjectionBad.js:41:23:41:29 | req.url | logInjectionBad.js:46:18:46:61 | wrapAns ... e), 20) | $@ flows to log entry. | logInjectionBad.js:41:23:41:29 | req.url | User-provided value |
| logInjectionBad.js:47:17:47:47 | underli ... name))) | logInjectionBad.js:41:23:41:29 | req.url | logInjectionBad.js:47:17:47:47 | underli ... name))) | $@ flows to log entry. | logInjectionBad.js:41:23:41:29 | req.url | User-provided value |
| logInjectionBad.js:48:17:48:76 | highlig ... true}) | logInjectionBad.js:41:23:41:29 | req.url | logInjectionBad.js:48:17:48:76 | highlig ... true}) | $@ flows to log entry. | logInjectionBad.js:41:23:41:29 | req.url | User-provided value |


@@ -35,6 +35,7 @@ const ansiColors = require('ansi-colors');
const colors = require('colors');
import wrapAnsi from 'wrap-ansi';
import { blue, bold, underline } from "colorette"
const highlight = require('cli-highlight').highlight;
const server2 = http.createServer((req, res) => {
let q = url.parse(req.url, true);
@@ -44,4 +45,5 @@ const server2 = http.createServer((req, res) => {
console.info(colors.red.underline(username)); // NOT OK
console.info(wrapAnsi(colors.red.underline(username), 20)); // NOT OK
console.log(underline(bold(blue(username)))); // NOT OK
console.log(highlight(username, {language: 'sql', ignoreIllegals: true})); // NOT OK
});
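Review bot: The new `highlight` sink on the last `console.log` line is only exercised through the CommonJS form `require('cli-highlight').highlight`, so the expected output says nothing about whether the taint step also resolves the ES-module form this same file already uses for colorette (`import { blue, bold, underline } from "colorette"`). A sibling line such as `import { highlight as hl } from 'cli-highlight'` followed by `console.log(hl(username, {language: 'sql'})); // NOT OK` would pin the step for both import styles, which is the more common form in modern code. A `// OK` companion that highlights a constant string (e.g. `console.log(highlight('SELECT 1', {language: 'sql'})); // OK`) would also document that the step merely propagates existing taint rather than introducing a source. Note that the `server2` request callback these lines belong to opens outside this hunk, so the assumption that `username` is still the same `q.query.username` binding is inferred from the earlier hunk rather than visible here.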