hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-073/TemplateObjectInjection.expected
Asger F 2a194a53af raw test output
2025-02-28 13:29:39 +01:00

79 lines
6.9 KiB
Plaintext
Raw Blame History

#select
| routes.js:2:23:2:30 | req.body | routes.js:2:23:2:30 | req.body | routes.js:2:23:2:30 | req.body | Template object depends on a $@. | routes.js:2:23:2:30 | req.body | user-provided value |
| tst2.js:7:28:7:40 | bodyParameter | tst2.js:6:25:6:32 | req.body | tst2.js:7:28:7:40 | bodyParameter | Template object depends on a $@. | tst2.js:6:25:6:32 | req.body | user-provided value |
| tst2.js:27:28:27:40 | bodyParameter | tst2.js:26:25:26:32 | req.body | tst2.js:27:28:27:40 | bodyParameter | Template object depends on a $@. | tst2.js:26:25:26:32 | req.body | user-provided value |
| tst2.js:35:28:35:40 | bodyParameter | tst2.js:34:25:34:32 | req.body | tst2.js:35:28:35:40 | bodyParameter | Template object depends on a $@. | tst2.js:34:25:34:32 | req.body | user-provided value |
| tst2.js:43:28:43:40 | bodyParameter | tst2.js:42:25:42:32 | req.body | tst2.js:43:28:43:40 | bodyParameter | Template object depends on a $@. | tst2.js:42:25:42:32 | req.body | user-provided value |
| tst2.js:52:28:52:40 | bodyParameter | tst2.js:51:25:51:32 | req.body | tst2.js:52:28:52:40 | bodyParameter | Template object depends on a $@. | tst2.js:51:25:51:32 | req.body | user-provided value |
| tst.js:10:28:10:40 | bodyParameter | tst.js:7:25:7:32 | req.body | tst.js:10:28:10:40 | bodyParameter | Template object depends on a $@. | tst.js:7:25:7:32 | req.body | user-provided value |
| tst.js:11:28:11:41 | queryParameter | tst.js:8:26:8:49 | req.que ... rameter | tst.js:11:28:11:41 | queryParameter | Template object depends on a $@. | tst.js:8:26:8:49 | req.que ... rameter | user-provided value |
| tst.js:24:28:24:30 | obj | tst.js:8:26:8:49 | req.que ... rameter | tst.js:24:28:24:30 | obj | Template object depends on a $@. | tst.js:8:26:8:49 | req.que ... rameter | user-provided value |
| tst.js:29:28:29:42 | JSON.parse(str) | tst.js:8:26:8:49 | req.que ... rameter | tst.js:29:28:29:42 | JSON.parse(str) | Template object depends on a $@. | tst.js:8:26:8:49 | req.que ... rameter | user-provided value |
edges
| tst2.js:6:9:6:46 | bodyParameter | tst2.js:7:28:7:40 | bodyParameter | provenance | |
| tst2.js:6:25:6:32 | req.body | tst2.js:6:25:6:46 | req.bod ... rameter | provenance | Config |
| tst2.js:6:25:6:46 | req.bod ... rameter | tst2.js:6:9:6:46 | bodyParameter | provenance | |
| tst2.js:26:9:26:46 | bodyParameter | tst2.js:27:28:27:40 | bodyParameter | provenance | |
| tst2.js:26:25:26:32 | req.body | tst2.js:26:25:26:46 | req.bod ... rameter | provenance | Config |
| tst2.js:26:25:26:46 | req.bod ... rameter | tst2.js:26:9:26:46 | bodyParameter | provenance | |
| tst2.js:34:9:34:46 | bodyParameter | tst2.js:35:28:35:40 | bodyParameter | provenance | |
| tst2.js:34:25:34:32 | req.body | tst2.js:34:25:34:46 | req.bod ... rameter | provenance | Config |
| tst2.js:34:25:34:46 | req.bod ... rameter | tst2.js:34:9:34:46 | bodyParameter | provenance | |
| tst2.js:42:9:42:46 | bodyParameter | tst2.js:43:28:43:40 | bodyParameter | provenance | |
| tst2.js:42:25:42:32 | req.body | tst2.js:42:25:42:46 | req.bod ... rameter | provenance | Config |
| tst2.js:42:25:42:46 | req.bod ... rameter | tst2.js:42:9:42:46 | bodyParameter | provenance | |
| tst2.js:51:9:51:46 | bodyParameter | tst2.js:52:28:52:40 | bodyParameter | provenance | |
| tst2.js:51:25:51:32 | req.body | tst2.js:51:25:51:46 | req.bod ... rameter | provenance | Config |
| tst2.js:51:25:51:46 | req.bod ... rameter | tst2.js:51:9:51:46 | bodyParameter | provenance | |
| tst.js:7:9:7:46 | bodyParameter | tst.js:10:28:10:40 | bodyParameter | provenance | |
| tst.js:7:25:7:32 | req.body | tst.js:7:25:7:46 | req.bod ... rameter | provenance | Config |
| tst.js:7:25:7:46 | req.bod ... rameter | tst.js:7:9:7:46 | bodyParameter | provenance | |
| tst.js:8:9:8:49 | queryParameter | tst.js:11:28:11:41 | queryParameter | provenance | |
| tst.js:8:9:8:49 | queryParameter | tst.js:20:19:20:32 | queryParameter | provenance | |
| tst.js:8:26:8:49 | req.que ... rameter | tst.js:8:9:8:49 | queryParameter | provenance | |
| tst.js:20:19:20:32 | queryParameter | tst.js:23:24:23:26 | obj | provenance | |
| tst.js:23:24:23:26 | obj | tst.js:24:28:24:30 | obj | provenance | |
| tst.js:23:24:23:26 | obj | tst.js:26:17:26:19 | obj | provenance | |
| tst.js:26:11:26:24 | str | tst.js:29:39:29:41 | str | provenance | |
| tst.js:26:17:26:19 | obj | tst.js:26:17:26:24 | obj + "" | provenance | Config |
| tst.js:26:17:26:24 | obj + "" | tst.js:26:11:26:24 | str | provenance | |
| tst.js:29:39:29:41 | str | tst.js:29:28:29:42 | JSON.parse(str) | provenance | Config |
nodes
| routes.js:2:23:2:30 | req.body | semmle.label | req.body |
| tst2.js:6:9:6:46 | bodyParameter | semmle.label | bodyParameter |
| tst2.js:6:25:6:32 | req.body | semmle.label | req.body |
| tst2.js:6:25:6:46 | req.bod ... rameter | semmle.label | req.bod ... rameter |
| tst2.js:7:28:7:40 | bodyParameter | semmle.label | bodyParameter |
| tst2.js:26:9:26:46 | bodyParameter | semmle.label | bodyParameter |
| tst2.js:26:25:26:32 | req.body | semmle.label | req.body |
| tst2.js:26:25:26:46 | req.bod ... rameter | semmle.label | req.bod ... rameter |
| tst2.js:27:28:27:40 | bodyParameter | semmle.label | bodyParameter |
| tst2.js:34:9:34:46 | bodyParameter | semmle.label | bodyParameter |
| tst2.js:34:25:34:32 | req.body | semmle.label | req.body |
| tst2.js:34:25:34:46 | req.bod ... rameter | semmle.label | req.bod ... rameter |
| tst2.js:35:28:35:40 | bodyParameter | semmle.label | bodyParameter |
| tst2.js:42:9:42:46 | bodyParameter | semmle.label | bodyParameter |
| tst2.js:42:25:42:32 | req.body | semmle.label | req.body |
| tst2.js:42:25:42:46 | req.bod ... rameter | semmle.label | req.bod ... rameter |
| tst2.js:43:28:43:40 | bodyParameter | semmle.label | bodyParameter |
| tst2.js:51:9:51:46 | bodyParameter | semmle.label | bodyParameter |
| tst2.js:51:25:51:32 | req.body | semmle.label | req.body |
| tst2.js:51:25:51:46 | req.bod ... rameter | semmle.label | req.bod ... rameter |
| tst2.js:52:28:52:40 | bodyParameter | semmle.label | bodyParameter |
| tst.js:7:9:7:46 | bodyParameter | semmle.label | bodyParameter |
| tst.js:7:25:7:32 | req.body | semmle.label | req.body |
| tst.js:7:25:7:46 | req.bod ... rameter | semmle.label | req.bod ... rameter |
| tst.js:8:9:8:49 | queryParameter | semmle.label | queryParameter |
| tst.js:8:26:8:49 | req.que ... rameter | semmle.label | req.que ... rameter |
| tst.js:10:28:10:40 | bodyParameter | semmle.label | bodyParameter |
| tst.js:11:28:11:41 | queryParameter | semmle.label | queryParameter |
| tst.js:20:19:20:32 | queryParameter | semmle.label | queryParameter |
| tst.js:23:24:23:26 | obj | semmle.label | obj |
| tst.js:24:28:24:30 | obj | semmle.label | obj |
| tst.js:26:11:26:24 | str | semmle.label | str |
| tst.js:26:17:26:19 | obj | semmle.label | obj |
| tst.js:26:17:26:24 | obj + "" | semmle.label | obj + "" |
| tst.js:29:28:29:42 | JSON.parse(str) | semmle.label | JSON.parse(str) |
| tst.js:29:39:29:41 | str | semmle.label | str |
subpaths
Reference in New Issue View Git Blame Copy Permalink