Max Schaefer f1c538a97b JavaScript: Restrict RemotePropertyInjection query to avoid double-reporting.
This query now flags only user-controlled property and header writes; method calls are handled by the new unsafe/unvalidated method call queries.
2018-11-28 08:16:31 +00:00


// Looks like an analyzer test fixture for a remote property injection check:
// the trailing "NOT OK" / "OK" markers record which statements are expected
// to be reported. The statements marked NOT OK are the unsafe patterns.
var express = require('express');
var app = express();
// Declared at module level, so every request handled below writes to the
// same object.
var myObj = {}
app.get('/user/:id', function(req, res) {
// Return value discarded; this call has no effect on the statements below.
myCoolLocalFct(req.query.userControlled);
// prop is still request-controlled: myCoolLocalFct returns a substring of
// its argument without checking it against any set of expected names.
var prop = myCoolLocalFct(req.query.userControlled);
// Property write under a request-chosen name. The caller decides which key
// of the shared object is overwritten, including names myObj inherits.
// Outside a fixture the key would be checked against an allow-list of
// expected names, or the data kept in a Map, before use.
myObj[prop] = 23; // NOT OK
// Static property literally named "prop"; the request has no say in the key.
myObj.prop = 23; // OK
// Property read under a request-chosen name, followed by a call of whatever
// was read.
var x = myObj[prop]; // NOT OK, but flagged by different query
x(23);
// Property deletion under a request-chosen name.
delete myObj[prop]; // NOT OK
// Same sink as the bracket write above, reached through Object.defineProperty.
Object.defineProperty(myObj, prop, {value: 24}); // NOT OK
var headers = {};
// The key becomes a response header name once the object is handed to
// res.set, so the request chooses which header is set.
headers[prop] = 42; // NOT OK
res.set(headers);
// Calls a property of the function object whose name comes straight from
// the query string (req.query.x, not prop).
myCoolLocalFct[req.query.x](); // OK - flagged by method name injection
});
/**
 * Returns the substring of `x` that runs from index 0 to `x.length`.
 *
 * No validation or filtering happens here, so a request-derived argument
 * yields a request-derived result.
 *
 * @param {string} x - Value to copy.
 * @returns {string} The substring of `x` from 0 to its length.
 */
function myCoolLocalFct(x) {
  var text = x;
  var end = text.length;
  return text.substring(0, end);
}