hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-31 04:38:18 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
3b9eba2afc44ca2ea1030fea4a14dc8b8f96df4e
codeql/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/execa.js
Owen Mansel-Chan 0eccd902c2 js: Inline expectation should have space after $ 
This was a regex-find-replace from `// \$(?! )` (using a negative lookahead) to `// $ `.
2026-03-04 12:45:03 +00:00

20 lines
629 B
JavaScript
Raw Blame History

import { execa, $ } from 'execa';
import http from 'node:http'
import url from 'url'
http.createServer(async function (req, res) {
let filePath = url.parse(req.url, true).query["filePath"][0]; // $ Source
// Piping to stdin from a file
await $({ inputFile: filePath })`cat` // $ Alert
// Piping to stdin from a file
await execa('cat', { inputFile: filePath }); // $ Alert
// Piping Stdout to file
await execa('echo', ['example3']).pipeStdout(filePath); // $ Alert
// Piping all of command output to file
await execa('echo', ['example4'], { all: true }).pipeAll(filePath); // $ Alert
});
Reference in New Issue View Git Blame Copy Permalink