hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 18:10:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
c20ee76826e10318f8f39c6fae901b743c2e8254
codeql/javascript/ql/test/query-tests/Security/CWE-506/HardcodedDataInterpretedAsCode.expected
Esben Sparre Andreasen 72b5edc144 Document and format event-stream-orig.js 
Some anti-virus products (rightfully) flag this event-stream-orig.js as a malicious file.
This change does two things:
- neutralises the file such that the code can not be run accidentally
- documents the purpose of the file
2022-02-04 09:27:47 +01:00

48 lines
3.5 KiB
Plaintext
Raw Blame History

nodes
| event-stream-orig.js:96:15:96:41 | e("2e2f ... 17461") |
| event-stream-orig.js:96:15:96:41 | e("2e2f ... 17461") |
| event-stream-orig.js:96:17:96:40 | "2e2f74 ... 617461" |
| event-stream-orig.js:96:17:96:40 | "2e2f74 ... 617461" |
| event-stream.js:9:11:9:37 | e("2e2f ... 17461") |
| event-stream.js:9:11:9:37 | e("2e2f ... 17461") |
| event-stream.js:9:13:9:36 | "2e2f74 ... 617461" |
| event-stream.js:9:13:9:36 | "2e2f74 ... 617461" |
| tst.js:1:5:1:88 | totallyHarmlessString |
| tst.js:1:29:1:88 | '636f6e ... 6e2729' |
| tst.js:1:29:1:88 | '636f6e ... 6e2729' |
| tst.js:2:6:2:46 | Buffer. ... 'hex') |
| tst.js:2:6:2:57 | Buffer. ... tring() |
| tst.js:2:6:2:57 | Buffer. ... tring() |
| tst.js:2:18:2:38 | totally ... sString |
| tst.js:5:5:5:23 | test |
| tst.js:5:12:5:23 | "0123456789" |
| tst.js:5:12:5:23 | "0123456789" |
| tst.js:7:8:7:11 | test |
| tst.js:7:8:7:15 | test+"n" |
| tst.js:7:8:7:15 | test+"n" |
edges
| event-stream-orig.js:96:17:96:40 | "2e2f74 ... 617461" | event-stream-orig.js:96:15:96:41 | e("2e2f ... 17461") |
| event-stream-orig.js:96:17:96:40 | "2e2f74 ... 617461" | event-stream-orig.js:96:15:96:41 | e("2e2f ... 17461") |
| event-stream-orig.js:96:17:96:40 | "2e2f74 ... 617461" | event-stream-orig.js:96:15:96:41 | e("2e2f ... 17461") |
| event-stream-orig.js:96:17:96:40 | "2e2f74 ... 617461" | event-stream-orig.js:96:15:96:41 | e("2e2f ... 17461") |
| event-stream.js:9:13:9:36 | "2e2f74 ... 617461" | event-stream.js:9:11:9:37 | e("2e2f ... 17461") |
| event-stream.js:9:13:9:36 | "2e2f74 ... 617461" | event-stream.js:9:11:9:37 | e("2e2f ... 17461") |
| event-stream.js:9:13:9:36 | "2e2f74 ... 617461" | event-stream.js:9:11:9:37 | e("2e2f ... 17461") |
| event-stream.js:9:13:9:36 | "2e2f74 ... 617461" | event-stream.js:9:11:9:37 | e("2e2f ... 17461") |
| tst.js:1:5:1:88 | totallyHarmlessString | tst.js:2:18:2:38 | totally ... sString |
| tst.js:1:29:1:88 | '636f6e ... 6e2729' | tst.js:1:5:1:88 | totallyHarmlessString |
| tst.js:1:29:1:88 | '636f6e ... 6e2729' | tst.js:1:5:1:88 | totallyHarmlessString |
| tst.js:2:6:2:46 | Buffer. ... 'hex') | tst.js:2:6:2:57 | Buffer. ... tring() |
| tst.js:2:6:2:46 | Buffer. ... 'hex') | tst.js:2:6:2:57 | Buffer. ... tring() |
| tst.js:2:18:2:38 | totally ... sString | tst.js:2:6:2:46 | Buffer. ... 'hex') |
| tst.js:5:5:5:23 | test | tst.js:7:8:7:11 | test |
| tst.js:5:12:5:23 | "0123456789" | tst.js:5:5:5:23 | test |
| tst.js:5:12:5:23 | "0123456789" | tst.js:5:5:5:23 | test |
| tst.js:7:8:7:11 | test | tst.js:7:8:7:15 | test+"n" |
| tst.js:7:8:7:11 | test | tst.js:7:8:7:15 | test+"n" |
#select
| event-stream-orig.js:96:15:96:41 | e("2e2f ... 17461") | event-stream-orig.js:96:17:96:40 | "2e2f74 ... 617461" | event-stream-orig.js:96:15:96:41 | e("2e2f ... 17461") | Hard-coded data from $@ is interpreted as an import path. | event-stream-orig.js:96:17:96:40 | "2e2f74 ... 617461" | here |
| event-stream.js:9:11:9:37 | e("2e2f ... 17461") | event-stream.js:9:13:9:36 | "2e2f74 ... 617461" | event-stream.js:9:11:9:37 | e("2e2f ... 17461") | Hard-coded data from $@ is interpreted as an import path. | event-stream.js:9:13:9:36 | "2e2f74 ... 617461" | here |
| tst.js:2:6:2:57 | Buffer. ... tring() | tst.js:1:29:1:88 | '636f6e ... 6e2729' | tst.js:2:6:2:57 | Buffer. ... tring() | Hard-coded data from $@ is interpreted as code. | tst.js:1:29:1:88 | '636f6e ... 6e2729' | here |
| tst.js:7:8:7:15 | test+"n" | tst.js:5:12:5:23 | "0123456789" | tst.js:7:8:7:15 | test+"n" | Hard-coded data from $@ is interpreted as code. | tst.js:5:12:5:23 | "0123456789" | here |
Reference in New Issue View Git Blame Copy Permalink