hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
sauyon/java-spring-stringutils
codeql/javascript/ql/test/library-tests/Promises/flow2.js
Erik Krogh Kristensen 4bc91c4439 add support for Promise.any
2020-09-21 10:50:06 +02:00

27 lines
847 B
JavaScript
Raw Permalink Blame History

(async function () {
var source = "source";
Promise.all([source, "clean"]).then((arr) => {
sink(arr); // OK
sink(arr[0]); // NOT OK
sink(arr[1]); // OK
})
var [clean, tainted] = await Promise.all(["clean", source]);
sink(clean); // OK
sink(tainted); // NOT OK
var [clean2, tainted2] = await Promise.resolve(Promise.all(["clean", source]));
sink(clean2); // OK
sink(tainted2); // NOT OK
var [clean3, tainted3] = await Promise.all(["clean", Promise.resolve(source)]);
sink(clean3); // OK
sink(tainted3); // NOT OK - but only flagged by taint-tracking
var tainted4 = await Promise.race(["clean", Promise.resolve(source)]);
sink(tainted4); // NOT OK - but only flagged by taint-tracking
var tainted5 = await Promise.any(["clean", Promise.resolve(source)]);
sink(tainted5); // NOT OK - but only flagged by taint-tracking
});
Reference in New Issue View Git Blame Copy Permalink