hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added modeling for aliases.

Browse Source
This commit is contained in:
Napalys
2025-03-17 18:33:14 +01:00
parent dcc1e88d08
commit fc6b779a4b
2 changed files with 21 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
javascript/ql/test/library-tests/TripleDot/underscore.string.js
View File

@@ -32,10 +32,10 @@ function strToStr() {
sink(s.stripTags(source("s29"))); // $ hasTaintFlow=s29
sink(s.unquote(source("s30"), "quote")); // $ hasTaintFlow=s30
sink(s.map(source("s31"), (x) => {return x;})); // $ hasTaintFlow=s31
sink(s.strip(source("s32"),"charsToStrim")); // $ MISSING: hasTaintFlow=s32
sink(s.lstrip(source("s33"),"charsToStrim")); // $ MISSING: hasTaintFlow=s33
sink(s.rstrip(source("s34"),"charsToStrim")); // $ MISSING: hasTaintFlow=s34
sink(s.camelcase(source("s35"))); // $ MISSING: hasTaintFlow=s35
sink(s.strip(source("s32"),"charsToStrim")); // $ hasTaintFlow=s32
sink(s.lstrip(source("s33"),"charsToStrim")); // $ hasTaintFlow=s33
sink(s.rstrip(source("s34"),"charsToStrim")); // $ hasTaintFlow=s34
sink(s.camelcase(source("s35"))); // $ hasTaintFlow=s35
}
function strToArray() {
@@ -84,14 +84,14 @@ function multiSource() {
sink(s.quote(source("s21"), "quote")); // $ hasTaintFlow=s21
sink(s.quote("base", source("s22"))); // $ hasTaintFlow=s22
sink(s.q(source("s23"), "quote")); // $ MISSING: hasTaintFlow=s23
sink(s.q("base", source("s24"))); // $ MISSING: hasTaintFlow=s24
sink(s.q(source("s23"), "quote")); // $ hasTaintFlow=s23
sink(s.q("base", source("s24"))); // $ hasTaintFlow=s24
sink(s.rjust(source("s25"), 10, "charsToPad")); // $ MISSING: hasTaintFlow=s25
sink(s.rjust("base", 10, source("s26"))); // $ MISSING: hasTaintFlow=s26
sink(s.rjust(source("s25"), 10, "charsToPad")); // $ hasTaintFlow=s25
sink(s.rjust("base", 10, source("s26"))); // $ hasTaintFlow=s26
sink(s.ljust(source("s27"), 10, "charsToPad")); // $ MISSING: hasTaintFlow=s27
sink(s.ljust("base", 10, source("s28"))); // $ MISSING: hasTaintFlow=s28
sink(s.ljust(source("s27"), 10, "charsToPad")); // $ hasTaintFlow=s27
sink(s.ljust("base", 10, source("s28"))); // $ hasTaintFlow=s28
}
function chaining() {
@@ -115,6 +115,6 @@ function chaining() {
sink(s(source("s16"))
.strip().lstrip().rstrip().camelcase()
.q(source("s17").ljust(10, source("s18"))
.rjust(10, source("s19")))); // $ MISSING: hasTaintFlow=s16 MISSING: hasTaintFlow=s17 MISSING: hasTaintFlow=s18 MISSING: hasTaintFlow=s19
.q(source("s17")).ljust(10, source("s18"))
.rjust(10, source("s19"))); // $ hasTaintFlow=s16 hasTaintFlow=s17 hasTaintFlow=s18 hasTaintFlow=s19
}