hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/library-tests/TaintTracking/constructor-calls.js
Asger F 2eff07f476 JS: Update TaintTracking test
2023-10-13 13:15:08 +02:00

46 lines
854 B
JavaScript
Raw Blame History

class EcmaClass {
constructor(param) {
this.param = param;
this.taint = source();
}
}
function JsClass(param) {
this.param = param;
this.taint = source();
}
class SubClass extends EcmaClass {
constructor(param) {
super(param);
}
}
function test() {
let taint = source();
let c = new EcmaClass(taint);
sink(c.param); // NOT OK
sink(c.taint); // NOT OK
let c_safe = new EcmaClass("safe");
sink(c_safe.param); // OK
sink(c_safe.taint); // NOT OK
let d = new JsClass(taint);
sink(d.param); // NOT OK
sink(d.taint); // NOT OK
let d_safe = new JsClass("safe");
sink(d_safe.param); // OK
sink(d_safe.taint); // NOT OK
let e = new SubClass(taint);
sink(e.param); // NOT OK
sink(e.taint); // NOT OK
let f_safe = new SubClass("safe");
sink(f_safe.param); // OK
sink(f_safe.taint); // NOT OK
}
Reference in New Issue View Git Blame Copy Permalink