hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/NoSQLCodeInjection.js
Asger F 9be041e27d JS: Update OK-style comments to $-style
2025-02-28 13:27:28 +01:00

28 lines
862 B
JavaScript
Raw Blame History

const express = require("express"),
mongodb = require("mongodb"),
bodyParser = require("body-parser");
const MongoClient = mongodb.MongoClient;
const app = express();
app.use(bodyParser.urlencoded({ extended: true }));
app.post("/documents/find", (req, res) => {
const query = {};
query.title = req.body.title;
MongoClient.connect("mongodb://localhost:27017/test", (err, db) => {
let doc = db.collection("doc");
doc.find(query); // $ MISSING: Alert - that is flagged by js/sql-injection
doc.find({ $where: req.body.query }); // $ Alert[js/code-injection]
doc.find({ $where: "name = " + req.body.name }); // $ Alert[js/code-injection]
function mkWhereObj() {
return { $where: "name = " + req.body.name }; // $ Alert[js/code-injection]
}
doc.find(mkWhereObj()); // the alert location is in mkWhereObj.
});
});
Reference in New Issue View Git Blame Copy Permalink