hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
sauyon/java-spring-stringutils
codeql/javascript/ql/test/library-tests/TaintTracking/constructor-calls.js

32 lines
593 B
JavaScript
Raw Permalink Blame History

class EcmaClass {
constructor(param) {
this.param = param;
this.taint = source();
}
}
function JsClass(param) {
this.param = param;
this.taint = source();
}
function test() {
let taint = source();
let c = new EcmaClass(taint);
sink(c.param); // NOT OK
sink(c.taint); // NOT OK
let c_safe = new EcmaClass("safe");
sink(c_safe.param); // OK
sink(c_safe.taint); // NOT OK
let d = new JsClass(taint);
sink(d.param); // NOT OK
sink(d.taint); // NOT OK
let d_safe = new JsClass("safe");
sink(d_safe.param); // OK
sink(d_safe.taint); // NOT OK
}
Reference in New Issue View Git Blame Copy Permalink