hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/module.js
Asger F 9be041e27d JS: Update OK-style comments to $-style
2025-02-28 13:27:28 +01:00

13 lines
407 B
JavaScript
Raw Blame History

var express = require('express'),
Module = require('module');
var app = express();
app.get('/some/path', function (req, res) {
let filename = req.query.filename;
var m = new Module(filename, module.parent);
m._compile(req.query.code, filename); // $ Alert[js/code-injection]
var m2 = new module.constructor;
m2._compile(req.query.code, filename); // $ Alert[js/code-injection]
});
Reference in New Issue View Git Blame Copy Permalink