hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
66737402c20fc83b3d3a654dcccf4b26c901b100
codeql/javascript/ql/test/query-tests/Security/CWE-834/LoopBoundInjectionBad.js
Asger F 64d39da5f8 JS: Accept Sources/Sink tags
2025-02-28 13:29:30 +01:00

57 lines
1.1 KiB
JavaScript
Raw Blame History

'use strict';
var express = require('express');
var router = new express.Router();
var rootRoute = router.route('foobar');
rootRoute.post(function(req, res) {
problem(req.body); // $ Source
whileLoop(req.body); // $ Source
useLengthIndirectly(req.body); // $ Source
noNullPointer(req.body); // $ Source
});
function problem(val) {
var ret = [];
for (var i = 0; i < val.length; i++) { // $ Alert
ret.push(val[i]);
}
}
function whileLoop(val) {
var ret = [];
var i = 0;
while (i < val.length) { // $ Alert
ret.push(val[i]);
i++;
}
}
function useLengthIndirectly(val) {
var ret = [];
var len = val.length; // $ Alert
for (var i = 0; i < len; i++) {
ret.push(val[i]);
}
}
// The obvious null-pointer detection should not hit this one.
function noNullPointer(val) {
var ret = [];
const c = 0;
for (var i = 0; i < val.length; i++) { // $ Alert
// Constantly accessing element 0, therefore not guaranteed null-pointer.
ret.push(val[c].foo);
}
}
Reference in New Issue View Git Blame Copy Permalink