hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-134/tst.js
Asger F 9be041e27d JS: Update OK-style comments to $-style
2025-02-28 13:27:28 +01:00

28 lines
1.6 KiB
JavaScript
Raw Blame History

let express = require('express');
let app = express();
app.get("/some/path", (req, res) => {
util.format(req.query.format, arg); // $ Alert
require('util').format(req.query.format, arg); // $ Alert
console.log(req.query.format, arg); // $ Alert
console.error(req.query.format, arg); // $ Alert
console.info(req.query.format, arg); // $ Alert
util.log(req.query.format, arg); // $ Alert
util.formatWithOptions(opts, req.query.format, arg); // $ Alert
require('printf')(req.query.format, arg); // $ Alert
require('printf')(write_stream, req.query.format, arg); // $ Alert
require('printj').sprintf(req.query.format, arg); // $ Alert
require('printj').vsprintf(req.query.format, arg); // $ Alert
require('format-util')(req.query.format, arg); // $ Alert
require('string-template')(req.query.format, arg); // $ Alert
require('string-template/compile')(req.query.format, arg); // $ Alert
util.format(req.query.format);
console.debug(req.query.format, arg); // $ Alert
console.warn(req.query.format, arg); // $ Alert
console.trace(req.query.format, arg); // $ Alert
console.assert(false, req.query.format);
console.assert(false, req.query.format, arg); // $ Alert
require("sprintf-js").sprintf(req.query.format, arg); // $ Alert
require("sprintf-js").vsprintf(req.query.format, args); // $ Alert
});
Reference in New Issue View Git Blame Copy Permalink