hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
sauyon/java-spring-stringutils
codeql/javascript/ql/test/library-tests/frameworks/AsyncPackage/map.js
Asger F b40fa3845f JS: add model of async package
2018-11-06 12:12:43 +00:00

35 lines
627 B
JavaScript
Raw Permalink Blame History

let async_ = require('async');
function source() {
return 'TAINT'
}
function sink(x) {
console.log(x)
}
async_.map([source()],
(item, cb) => {
sink(item), // NOT OK
cb(null, 'safe');
},
(err, result) => sink(result) // OK
);
async_.map(['safe'],
(item, cb) => {
let src = source();
cb(null, src);
},
(err, result) => sink(result) // NOT OK
);
async_.map([source()],
(item, cb) => cb(null, item.substring(1)),
(err, result) => sink(result) // NOT OK
);
async_.map(['safe'],
(item, cb) => cb(null, item),
(err, result) => sink(result) // OK
);
Reference in New Issue View Git Blame Copy Permalink