File tree Expand file tree Collapse file tree
test/library-tests/TaintTracking Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -446,12 +446,12 @@ private module ArrayLibraries {
446446 }
447447
448448 /**
449- * A taint propagating data flow edge arising from sorting .
449+ * A taint propagating data flow edge arising from in-place array manipulation operations .
450450 */
451- private class SortTaintStep extends TaintTracking:: SharedTaintStep {
451+ private class ArrayInPlaceManipulationTaintStep extends TaintTracking:: SharedTaintStep {
452452 override predicate heapStep ( DataFlow:: Node pred , DataFlow:: Node succ ) {
453453 exists ( DataFlow:: MethodCallNode call |
454- call .getMethodName ( ) = "sort" and
454+ call .getMethodName ( ) in [ "sort" , "reverse" ] and
455455 pred = call .getReceiver ( ) and
456456 succ = call
457457 )
Original file line number Diff line number Diff line change @@ -233,6 +233,7 @@ typeInferenceMismatch
233233| tst.js:2:13:2:20 | source() | tst.js:48:10:48:22 | new Buffer(x) |
234234| tst.js:2:13:2:20 | source() | tst.js:51:10:51:31 | seriali ... ript(x) |
235235| tst.js:2:13:2:20 | source() | tst.js:54:14:54:19 | unsafe |
236+ | tst.js:2:13:2:20 | source() | tst.js:61:10:61:20 | x.reverse() |
236237| xml.js:5:18:5:25 | source() | xml.js:8:14:8:17 | text |
237238| xml.js:12:17:12:24 | source() | xml.js:13:14:13:19 | result |
238239| xml.js:23:18:23:25 | source() | xml.js:20:14:20:17 | attr |
Original file line number Diff line number Diff line change @@ -58,5 +58,5 @@ function test() {
5858
5959 tagged `foo ${ "safe" } ${ x } ;
6060
61- sink ( x . reverse ( ) ) ; // NOT OK -- Should be caught but isn't
61+ sink ( x . reverse ( ) ) ; // NOT OK
6262}
You can’t perform that action at this time.
0 commit comments