hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

add test for new JSON serializers

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2020-08-04 14:48:11 +02:00
parent 5a3f67a682
commit f70cb2e7b3
2 changed files with 31 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
View File

@@ -68,6 +68,18 @@ typeInferenceMismatch
| exceptions.js:158:13:158:20 | source() | exceptions.js:161:10:161:10 | e |
| importedReactComponent.jsx:4:40:4:47 | source() | exportedReactComponent.jsx:2:10:2:19 | props.text |
| indexOf.js:4:11:4:18 | source() | indexOf.js:9:10:9:10 | x |
| json-serializers.js:2:16:2:23 | source() | json-serializers.js:5:8:5:29 | JSON.st ... source) |
| json-serializers.js:2:16:2:23 | source() | json-serializers.js:9:8:9:47 | require ... source) |
| json-serializers.js:2:16:2:23 | source() | json-serializers.js:10:8:10:42 | require ... source) |
| json-serializers.js:2:16:2:23 | source() | json-serializers.js:11:8:11:41 | require ... source) |
| json-serializers.js:2:16:2:23 | source() | json-serializers.js:12:8:12:52 | require ... source) |
| json-serializers.js:2:16:2:23 | source() | json-serializers.js:13:8:13:45 | require ... source) |
| json-serializers.js:2:16:2:23 | source() | json-serializers.js:14:8:14:46 | require ... source) |
| json-serializers.js:2:16:2:23 | source() | json-serializers.js:15:8:15:38 | require ... source) |
| json-serializers.js:2:16:2:23 | source() | json-serializers.js:16:8:16:38 | require ... source) |
| json-serializers.js:2:16:2:23 | source() | json-serializers.js:17:8:17:39 | require ... source) |
| json-serializers.js:2:16:2:23 | source() | json-serializers.js:18:8:18:40 | require ... source) |
| json-serializers.js:3:15:3:22 | source() | json-serializers.js:8:8:8:31 | jsonStr ... (taint) |
| nested-props.js:4:13:4:20 | source() | nested-props.js:5:10:5:14 | obj.x |
| nested-props.js:9:18:9:25 | source() | nested-props.js:10:10:10:16 | obj.x.y |
| nested-props.js:35:13:35:20 | source() | nested-props.js:36:10:36:20 | doLoad(obj) |

19
javascript/ql/test/library-tests/TaintTracking/json-serializers.js Normal file
View File

@@ -0,0 +1,19 @@
function foo() {
let source = source();
let taint = source();
sink(JSON.stringify(source)); // NOT OK
var jsonStringifySafe = require("json-stringify-safe");
sink(jsonStringifySafe(taint)); // NOT OK
sink(require("json-stable-stringify")(source)); // NOT OK
sink(require("stringify-object")(source)); // NOT OK
sink(require("json3").stringify(source)); // NOT OK
sink(require("fast-json-stable-stringify")(source)); // NOT OK
sink(require("fast-safe-stringify")(source)); // NOT OK
sink(require("javascript-stringify")(source)); // NOT OK
sink(require("js-stringify")(source)); // NOT OK
sink(require("util").inspect(source)); // NOT OK
sink(require("pretty-format")(source)); // NOT OK
sink(require("object-inspect")(source)); // NOT OK
}