hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

add taint step for the markdown-table library

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2021-02-10 15:11:41 +01:00
parent b4704f7016
commit f76018c039
4 changed files with 47 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
javascript/ql/src/semmle/javascript/frameworks/Markdown.qll
View File

@@ -16,6 +16,18 @@ private class MarkedStep extends TaintTracking::AdditionalTaintStep, DataFlow::C
override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
succ = this and
pred = this.getAnArgument()
pred = this.getArgument(0)
}
}
/**
* A taint step for the `markdown-table` library.
*/
private class MarkdownTableStep extends TaintTracking::AdditionalTaintStep, DataFlow::CallNode {
MarkdownTableStep() { this = DataFlow::moduleImport("markdown-table").getACall() }
override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
succ = this and
pred = this.getArgument(0)
}
}