hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 00:35:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
426edd55f2dd3a5fbec9eeb09ea17fe869de12ce
codeql/javascript/ql/test/query-tests/Security/CWE-807/ConditionalBypass.expected
Asger F 426edd55f2 JS: Update output after line number change 
Some OK-style comments had to be moved to the following line, shifting line numbers.

In selected range also included the comments themselves.

Lastly, the result sets were reordered by the CLI in some cases.
2025-02-28 13:27:31 +01:00

65 lines
6.8 KiB
Plaintext
Raw Blame History

edges
| example_bypass.js:6:9:6:19 | req.cookies | example_bypass.js:6:9:6:34 | req.coo ... nUserId | provenance | |
| tst.js:13:9:13:19 | req.cookies | tst.js:13:9:13:30 | req.coo ... inThing | provenance | |
| tst.js:24:17:24:17 | v | tst.js:25:16:25:16 | v | provenance | |
| tst.js:27:9:27:37 | v3 | tst.js:28:9:28:10 | v3 | provenance | |
| tst.js:27:14:27:37 | id(req. ... okieId) | tst.js:27:9:27:37 | v3 | provenance | |
| tst.js:27:17:27:27 | req.cookies | tst.js:27:17:27:36 | req.cookies.cookieId | provenance | |
| tst.js:27:17:27:36 | req.cookies.cookieId | tst.js:24:17:24:17 | v | provenance | |
| tst.js:27:17:27:36 | req.cookies.cookieId | tst.js:27:14:27:37 | id(req. ... okieId) | provenance | |
| tst.js:33:13:33:23 | req.cookies | tst.js:33:13:33:32 | req.cookies.cookieId | provenance | |
| tst.js:38:9:38:19 | req.cookies | tst.js:38:9:38:28 | req.cookies.cookieId | provenance | |
| tst.js:61:9:61:19 | req.cookies | tst.js:61:9:61:28 | req.cookies.cookieId | provenance | |
| tst.js:65:14:65:24 | req.cookies | tst.js:65:14:65:33 | req.cookies.cookieId | provenance | |
| tst.js:78:9:78:19 | req.cookies | tst.js:78:9:78:28 | req.cookies.cookieId | provenance | |
| tst.js:78:9:78:19 | req.cookies | tst.js:78:9:78:28 | req.cookies.cookieId | provenance | |
| tst.js:78:9:78:28 | req.cookies.cookieId | tst.js:78:9:78:41 | req.coo ... secret" | provenance | Config |
nodes
| example_bypass.js:6:9:6:19 | req.cookies | semmle.label | req.cookies |
| example_bypass.js:6:9:6:34 | req.coo ... nUserId | semmle.label | req.coo ... nUserId |
| example_bypass.js:6:40:6:56 | req.params.userId | semmle.label | req.params.userId |
| example_bypass.js:16:46:16:62 | req.params.userId | semmle.label | req.params.userId |
| tst.js:9:8:9:26 | req.params.shutDown | semmle.label | req.params.shutDown |
| tst.js:13:9:13:19 | req.cookies | semmle.label | req.cookies |
| tst.js:13:9:13:30 | req.coo ... inThing | semmle.label | req.coo ... inThing |
| tst.js:24:17:24:17 | v | semmle.label | v |
| tst.js:25:16:25:16 | v | semmle.label | v |
| tst.js:27:9:27:37 | v3 | semmle.label | v3 |
| tst.js:27:14:27:37 | id(req. ... okieId) | semmle.label | id(req. ... okieId) |
| tst.js:27:17:27:27 | req.cookies | semmle.label | req.cookies |
| tst.js:27:17:27:36 | req.cookies.cookieId | semmle.label | req.cookies.cookieId |
| tst.js:28:9:28:10 | v3 | semmle.label | v3 |
| tst.js:33:13:33:23 | req.cookies | semmle.label | req.cookies |
| tst.js:33:13:33:32 | req.cookies.cookieId | semmle.label | req.cookies.cookieId |
| tst.js:38:9:38:19 | req.cookies | semmle.label | req.cookies |
| tst.js:38:9:38:28 | req.cookies.cookieId | semmle.label | req.cookies.cookieId |
| tst.js:44:8:44:23 | req.params.login | semmle.label | req.params.login |
| tst.js:57:8:57:23 | req.params.login | semmle.label | req.params.login |
| tst.js:61:9:61:19 | req.cookies | semmle.label | req.cookies |
| tst.js:61:9:61:28 | req.cookies.cookieId | semmle.label | req.cookies.cookieId |
| tst.js:61:34:61:53 | req.params.requestId | semmle.label | req.params.requestId |
| tst.js:65:14:65:24 | req.cookies | semmle.label | req.cookies |
| tst.js:65:14:65:33 | req.cookies.cookieId | semmle.label | req.cookies.cookieId |
| tst.js:65:39:65:58 | req.params.requestId | semmle.label | req.params.requestId |
| tst.js:78:9:78:19 | req.cookies | semmle.label | req.cookies |
| tst.js:78:9:78:28 | req.cookies.cookieId | semmle.label | req.cookies.cookieId |
| tst.js:78:9:78:28 | req.cookies.cookieId | semmle.label | req.cookies.cookieId |
| tst.js:78:9:78:41 | req.coo ... secret" | semmle.label | req.coo ... secret" |
| tst.js:91:10:91:17 | req.body | semmle.label | req.body |
| tst.js:98:13:98:32 | req.query.vulnerable | semmle.label | req.query.vulnerable |
| tst.js:105:13:105:32 | req.query.vulnerable | semmle.label | req.query.vulnerable |
| tst.js:113:13:113:32 | req.query.vulnerable | semmle.label | req.query.vulnerable |
subpaths
| tst.js:27:17:27:36 | req.cookies.cookieId | tst.js:24:17:24:17 | v | tst.js:25:16:25:16 | v | tst.js:27:14:27:37 | id(req. ... okieId) |
#select
| tst.js:9:8:9:26 | req.params.shutDown | tst.js:9:8:9:26 | req.params.shutDown | tst.js:9:8:9:26 | req.params.shutDown | This condition guards a sensitive $@, but a $@ controls it. | tst.js:10:9:10:22 | process.exit() | action | tst.js:9:8:9:26 | req.params.shutDown | user-provided value |
| tst.js:13:9:13:30 | req.coo ... inThing | tst.js:13:9:13:19 | req.cookies | tst.js:13:9:13:30 | req.coo ... inThing | This condition guards a sensitive $@, but a $@ controls it. | tst.js:14:9:14:17 | o.login() | action | tst.js:13:9:13:19 | req.cookies | user-provided value |
| tst.js:28:9:28:10 | v3 | tst.js:27:17:27:27 | req.cookies | tst.js:28:9:28:10 | v3 | This condition guards a sensitive $@, but a $@ controls it. | tst.js:29:9:29:22 | process.exit() | action | tst.js:27:17:27:27 | req.cookies | user-provided value |
| tst.js:33:13:33:32 | req.cookies.cookieId | tst.js:33:13:33:23 | req.cookies | tst.js:33:13:33:32 | req.cookies.cookieId | This condition guards a sensitive $@, but a $@ controls it. | tst.js:34:13:34:26 | process.exit() | action | tst.js:33:13:33:23 | req.cookies | user-provided value |
| tst.js:38:9:38:28 | req.cookies.cookieId | tst.js:38:9:38:19 | req.cookies | tst.js:38:9:38:28 | req.cookies.cookieId | This condition guards a sensitive $@, but a $@ controls it. | tst.js:40:13:40:26 | process.exit() | action | tst.js:38:9:38:19 | req.cookies | user-provided value |
| tst.js:44:8:44:23 | req.params.login | tst.js:44:8:44:23 | req.params.login | tst.js:44:8:44:23 | req.params.login | This condition guards a sensitive $@, but a $@ controls it. | tst.js:47:9:47:15 | login() | action | tst.js:44:8:44:23 | req.params.login | user-provided value |
| tst.js:57:8:57:23 | req.params.login | tst.js:57:8:57:23 | req.params.login | tst.js:57:8:57:23 | req.params.login | This condition guards a sensitive $@, but a $@ controls it. | tst.js:58:9:58:15 | login() | action | tst.js:57:8:57:23 | req.params.login | user-provided value |
| tst.js:78:9:78:41 | req.coo ... secret" | tst.js:78:9:78:19 | req.cookies | tst.js:78:9:78:41 | req.coo ... secret" | This condition guards a sensitive $@, but a $@ controls it. | tst.js:79:9:79:22 | process.exit() | action | tst.js:78:9:78:19 | req.cookies | user-provided value |
| tst.js:98:13:98:32 | req.query.vulnerable | tst.js:98:13:98:32 | req.query.vulnerable | tst.js:98:13:98:32 | req.query.vulnerable | This condition guards a sensitive $@, but a $@ controls it. | tst.js:101:9:101:16 | verify() | action | tst.js:98:13:98:32 | req.query.vulnerable | user-provided value |
| tst.js:105:13:105:32 | req.query.vulnerable | tst.js:105:13:105:32 | req.query.vulnerable | tst.js:105:13:105:32 | req.query.vulnerable | This condition guards a sensitive $@, but a $@ controls it. | tst.js:108:13:108:20 | verify() | action | tst.js:105:13:105:32 | req.query.vulnerable | user-provided value |
Reference in New Issue View Git Blame Copy Permalink