hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
rc/1.19
codeql/javascript/ql/test/library-tests/InterProceduralFlow/TaintTracking.expected
Max Schaefer c75d785684 JavaScript: Fix modelling of _.partial. 
Like `Function.prototype.bind` (but unlike `ramda.partial`) it takes the curried arguments as rest arguments, not as an array;
cf. https://lodash.com/docs/4.17.10#partial and https://underscorejs.org/#partial.
2018-10-31 06:31:59 -04:00

68 lines
4.6 KiB
Plaintext
Raw Permalink Blame History

| a.js:1:15:1:23 | "tainted" | b.js:4:13:4:40 | whoKnow ... Tainted |
| a.js:1:15:1:23 | "tainted" | b.js:6:13:6:13 | x |
| a.js:2:15:2:28 | "also tainted" | b.js:5:13:5:29 | notTaintedTrustMe |
| destructuring.js:2:16:2:24 | "tainted" | destructuring.js:5:14:5:20 | tainted |
| destructuring.js:2:16:2:24 | "tainted" | destructuring.js:9:15:9:22 | tainted2 |
| destructuring.js:19:15:19:23 | "tainted" | destructuring.js:14:15:14:15 | p |
| destructuring.js:20:15:20:28 | "also tainted" | destructuring.js:15:15:15:15 | r |
| destructuring.js:21:15:21:29 | "still tainted" | destructuring.js:16:15:16:15 | s |
| esLib.js:3:21:3:29 | "tainted" | esClient.js:8:13:8:21 | es.source |
| esLib.js:3:21:3:29 | "tainted" | esClient.js:11:13:11:17 | esFoo |
| esLib.js:3:21:3:29 | "tainted" | nodeJsClient.js:5:13:5:21 | es.source |
| global.js:1:15:1:24 | "tainted1" | global.js:9:13:9:22 | g(source1) |
| global.js:1:15:1:24 | "tainted1" | global.js:17:13:17:27 | window.location |
| global.js:2:15:2:24 | "tainted2" | global.js:10:13:10:22 | g(source2) |
| global.js:5:22:5:35 | "also tainted" | global.js:9:13:9:22 | g(source1) |
| global.js:5:22:5:35 | "also tainted" | global.js:10:13:10:22 | g(source2) |
| nodeJsLib.js:1:15:1:23 | "tainted" | esClient.js:7:13:7:18 | nj.foo |
| nodeJsLib.js:1:15:1:23 | "tainted" | nodeJsClient.js:4:13:4:18 | nj.foo |
| nodeJsLib.js:2:15:2:23 | "tainted" | esClient.js:7:13:7:18 | nj.foo |
| nodeJsLib.js:2:15:2:23 | "tainted" | esClient.js:10:13:10:17 | njFoo |
| nodeJsLib.js:2:15:2:23 | "tainted" | nodeJsClient.js:4:13:4:18 | nj.foo |
| partial.js:5:15:5:24 | "tainted1" | partial.js:9:15:9:15 | x |
| partial.js:5:15:5:24 | "tainted1" | partial.js:15:15:15:15 | x |
| partial.js:5:15:5:24 | "tainted1" | partial.js:21:15:21:15 | x |
| partial.js:5:15:5:24 | "tainted1" | partial.js:27:15:27:15 | x |
| promises.js:2:16:2:24 | "tainted" | promises.js:7:16:7:18 | val |
| promises.js:2:16:2:24 | "tainted" | promises.js:38:32:38:32 | v |
| promises.js:11:22:11:31 | "resolved" | promises.js:19:20:19:20 | v |
| promises.js:11:22:11:31 | "resolved" | promises.js:27:16:27:16 | v |
| promises.js:12:22:12:31 | "rejected" | promises.js:21:20:21:20 | v |
| promises.js:12:22:12:31 | "rejected" | promises.js:24:20:24:20 | v |
| promises.js:12:22:12:31 | "rejected" | promises.js:27:16:27:16 | v |
| promises.js:32:24:32:37 | "also tainted" | promises.js:38:32:38:32 | v |
| properties2.js:7:14:7:21 | "source" | properties2.js:8:12:8:24 | foo(source).p |
| properties.js:2:16:2:24 | "tainted" | properties.js:5:14:5:23 | a.someProp |
| properties.js:2:16:2:24 | "tainted" | properties.js:12:15:12:24 | x.someProp |
| properties.js:2:16:2:24 | "tainted" | properties.js:14:15:14:27 | tmp1.someProp |
| properties.js:18:26:18:42 | "tainted as well" | properties.js:20:24:20:33 | window.foo |
| tst2.js:2:17:2:26 | "tainted1" | tst2.js:10:15:10:24 | g(source1) |
| tst2.js:3:17:3:26 | "tainted2" | tst2.js:11:15:11:24 | g(source2) |
| tst2.js:6:24:6:37 | "also tainted" | tst2.js:10:15:10:24 | g(source1) |
| tst2.js:6:24:6:37 | "also tainted" | tst2.js:11:15:11:24 | g(source2) |
| tst4.js:2:16:2:24 | "tainted" | tst4.js:15:15:15:31 | id(still_tainted) |
| tst4.js:2:16:2:24 | "tainted" | tst4.js:16:15:16:28 | p.also_tainted |
| tst4.js:2:16:2:24 | "tainted" | tst4.js:17:15:17:28 | substr(source) |
| tst.js:2:17:2:22 | "src1" | tst.js:3:15:3:29 | String(source1) |
| tst.js:2:17:2:22 | "src1" | tst.js:4:15:4:29 | RegExp(source1) |
| tst.js:2:17:2:22 | "src1" | tst.js:5:15:5:33 | new String(source1) |
| tst.js:2:17:2:22 | "src1" | tst.js:6:15:6:33 | new String(source1) |
| tst.js:2:17:2:22 | "src1" | tst.js:14:15:14:32 | decodeURI(source1) |
| tst.js:2:17:2:22 | "src1" | tst.js:15:15:15:41 | decodeU ... ource1) |
| tst.js:2:17:2:22 | "src1" | tst.js:16:15:16:32 | encodeURI(source1) |
| tst.js:2:17:2:22 | "src1" | tst.js:17:15:17:41 | encodeU ... ource1) |
| tst.js:2:17:2:22 | "src1" | tst.js:19:16:19:34 | JSON.parse(source1) |
| tst.js:2:17:2:22 | "src1" | tst.js:20:16:20:37 | JSON.st ... sink10) |
| tst.js:2:17:2:22 | "src1" | tst.js:24:16:24:18 | foo |
| tst.js:2:17:2:22 | "src1" | tst.js:28:20:28:22 | elt |
| tst.js:2:17:2:22 | "src1" | tst.js:30:20:30:22 | ary |
| tst.js:2:17:2:22 | "src1" | tst.js:36:16:36:24 | dict[key] |
| tst.js:2:17:2:22 | "src1" | tst.js:39:17:39:17 | x |
| tst.js:2:17:2:22 | "src1" | tst.js:41:19:41:19 | x |
| tst.js:2:17:2:22 | "src1" | tst.js:45:17:45:17 | x |
| tst.js:2:17:2:22 | "src1" | tst.js:47:19:47:19 | x |
| tst.js:2:17:2:22 | "src1" | tst.js:59:16:59:18 | o.p |
| tst.js:2:17:2:22 | "src1" | tst.js:61:16:61:18 | o.r |
| tst.js:2:17:2:22 | "src1" | tst.js:68:16:68:22 | inner() |
| tst.js:2:17:2:22 | "src1" | tst.js:80:16:80:22 | outer() |
Reference in New Issue View Git Blame Copy Permalink