mirror of
https://github.com/github/codeql.git
synced 2025-12-18 01:33:15 +01:00
cf23c50f0c
Adds getASpreadArgument() and defines getCalleeName() for reflective calls to be the name of the property being invoked, if there is one.
38 lines
603 B
JavaScript
38 lines
603 B
JavaScript
function test(x, y) {
|
|
let a = [];
|
|
a.splice(source(), x);
|
|
sink(a); // OK
|
|
|
|
let b = [];
|
|
b.splice(x, source());
|
|
sink(b); // OK
|
|
|
|
let c = [];
|
|
c.splice(source(), x, y);
|
|
sink(c); // OK
|
|
|
|
let d = [];
|
|
d.splice(x, source(), y);
|
|
sink(d); // OK
|
|
|
|
let e = [];
|
|
e.splice(x, y, source());
|
|
sink(e); // NOT OK
|
|
|
|
let f = [];
|
|
f.push(...source());
|
|
sink(f); // NOT OK
|
|
|
|
let g = [];
|
|
g.unshift(...source());
|
|
sink(g); // NOT OK
|
|
|
|
let h = [];
|
|
Array.prototype.push.apply(h, source());
|
|
sink(h); // NOT OK
|
|
|
|
let i = [];
|
|
Array.prototype.unshift.apply(i, source());
|
|
sink(i); // NOT OK
|
|
}
|