hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/pupeteer.js
Asger F 64d39da5f8 JS: Accept Sources/Sink tags
2025-02-28 13:29:30 +01:00

19 lines
527 B
JavaScript
Raw Blame History

const puppeteer = require('puppeteer');
const parseTorrent = require('parse-torrent');
(async () => {
let tainted = "dir/" + parseTorrent(torrent).name + ".torrent.data"; // $ Source
const browser = await puppeteer.launch();
const page = await browser.newPage();
await page.pdf({ path: tainted, format: 'a4' }); // $ Alert
const pages = await browser.pages();
for (let i = 0; i < something(); i++) {
pages[i].screenshot({ path: tainted }); // $ Alert
}
await browser.close();
})();
Reference in New Issue View Git Blame Copy Permalink