mirror of
https://github.com/github/codeql.git
synced 2025-12-17 01:03:14 +01:00
14 lines
485 B
JavaScript
14 lines
485 B
JavaScript
var totallyHarmlessString = '636f6e736f6c652e6c6f672827636f646520696e6a656374696f6e2729';
|
|
eval(Buffer.from(totallyHarmlessString, 'hex').toString()); // NOT OK: eval("console.log('code injection')")
|
|
eval(totallyHarmlessString); // OK: throws parse error
|
|
|
|
var test = "0123456789";
|
|
try {
|
|
eval(test+"n"); // OK, but currently flagged
|
|
console.log("Bigints supported.");
|
|
} catch(e) {
|
|
console.log("Bigints not supported.");
|
|
}
|
|
|
|
require('babeface'); // OK
|