hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ginsbach/NewOverlayLocalJavaRebase
codeql/javascript/ql/test/library-tests/TaintTracking/object-bypass-sanitizer.js
Asger F 2eff07f476 JS: Update TaintTracking test
2023-10-13 13:15:08 +02:00

38 lines
867 B
JavaScript
Raw Permalink Blame History

import * as dummy from 'dummy';
function sanitizer_id(x) {
if (really_complicated_reason(x))
return x;
return null;
}
function useTaintedValue(x) {
if (isSafe(x)) {
sink(x); // OK
sink(x.foo); // OK
}
sink(sanitizer_id(x)); // OK
sink(sanitizer_id(x.foo)); // OK
sink(sanitizer_id(x).foo); // OK
}
function useTaintedObject(obj) {
if (isSafe(obj)) {
sink(obj); // OK
sink(obj.foo); // NOT OK [INCONSISTENCY] - FN caused by barriers blocking content flow
}
sink(sanitizer_id(obj)); // OK
sink(sanitizer_id(obj.foo)); // OK
sink(sanitizer_id(obj).foo); // NOT OK [INCONSISTENCY] - FN caused by barriers blocking content flow
}
function test() {
useTaintedValue(source());
useTaintedValue(null);
useTaintedObject({ foo: source() });
useTaintedObject(null);
}
Reference in New Issue View Git Blame Copy Permalink