hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
cb3bd4901b76eacde14675cb78059277c50eb348
codeql/javascript/ql/test/library-tests/TaintTracking/json-stringify.js
Erik Krogh Kristensen cb3bd4901b add taint step through the json2csv library
2021-07-12 10:51:42 +02:00

23 lines
874 B
JavaScript
Raw Blame History

function foo() {
let source = source();
let taint = source();
sink(JSON.stringify(source)); // NOT OK
var jsonStringifySafe = require("json-stringify-safe");
sink(jsonStringifySafe(taint)); // NOT OK
sink(require("json-stable-stringify")(source)); // NOT OK
sink(require("stringify-object")(source)); // NOT OK
sink(require("json3").stringify(source)); // NOT OK
sink(require("fast-json-stable-stringify")(source)); // NOT OK
sink(require("fast-safe-stringify")(source)); // NOT OK
sink(require("javascript-stringify")(source)); // NOT OK
sink(require("js-stringify")(source)); // NOT OK
sink(require("util").inspect(source)); // NOT OK
sink(require("pretty-format")(source)); // NOT OK
sink(require("object-inspect")(source)); // NOT OK
const json2csv = require('json2csv');
sink(new json2csv.Parser(opts).parse(source)); // NOT OK
}
Reference in New Issue View Git Blame Copy Permalink