hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 00:35:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Do simple modeling of process.stdin as threat-model source

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2024-10-31 14:24:27 +01:00
parent 34b86c39c1
commit eca8bf5a35
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/lib/semmle/javascript/frameworks/NodeJSLib.model.yml
View File

@@ -6,3 +6,5 @@ extensions:
extensible: sourceModel
data:
- ['fs', 'Member[promises].Member[readFile].ReturnValue.Member[then].Argument[0].Parameter[0]', 'file']
- ['global', 'Member[process].Member[stdin].Member[read].ReturnValue', 'stdin']
- ['global', 'Member[process].Member[stdin].Member[on,addListener].WithStringArgument[0=data].Argument[1].Parameter[0]', 'stdin']

8
javascript/ql/test/library-tests/threat-models/sources/sources.js
View File

@@ -94,12 +94,12 @@ rl_file.on("line", (line) => {
// ------ reading from stdin ------
// Accessing stdin using process.stdin
process.stdin.on('data', (data) => { // $ MISSING: threat-source=stdin
SINK(data); // $ MISSING: hasFlow
process.stdin.on('data', (data) => { // $ threat-source=stdin
SINK(data); // $ hasFlow
});
const stdin_line = process.stdin.read(); // $ MISSING: threat-source=stdin
SINK(stdin_line); // $ MISSING: hasFlow
const stdin_line = process.stdin.read(); // $ threat-source=stdin
SINK(stdin_line); // $ hasFlow
// Accessing stdin using readline
const readline = require('readline');