JS: Add tests
1 parent 0497e60 commit cb95dbf

5 files changed

Lines changed: 63 additions & 0 deletions


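--- a/javascript/ql/test/query-tests/Security/CWE-078/CommandInjection/CommandInjection.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-078/CommandInjection/CommandInjection.expected
@@ -1,4 +1,16 @@
 nodes
+| actions.js:8:9:8:57 | title |
+| actions.js:8:17:8:57 | github. ... t.title |
+| actions.js:8:17:8:57 | github. ... t.title |
+| actions.js:9:8:9:22 | `echo ${title}` |
+| actions.js:9:8:9:22 | `echo ${title}` |
+| actions.js:9:16:9:20 | title |
+| actions.js:18:9:18:63 | head_ref |
+| actions.js:18:20:18:63 | github. ... ead.ref |
+| actions.js:18:20:18:63 | github. ... ead.ref |
+| actions.js:19:14:19:31 | `echo ${head_ref}` |
+| actions.js:19:14:19:31 | `echo ${head_ref}` |
+| actions.js:19:22:19:29 | head_ref |
 | child_process-test.js:6:9:6:49 | cmd |
 | child_process-test.js:6:15:6:38 | url.par ... , true) |
 | child_process-test.js:6:15:6:44 | url.par ... ).query |
@@ -179,6 +191,16 @@ nodes
 | third-party-command-injection.js:6:21:6:27 | command |
 | third-party-command-injection.js:6:21:6:27 | command |
 edges
+| actions.js:8:9:8:57 | title | actions.js:9:16:9:20 | title |
+| actions.js:8:17:8:57 | github. ... t.title | actions.js:8:9:8:57 | title |
+| actions.js:8:17:8:57 | github. ... t.title | actions.js:8:9:8:57 | title |
+| actions.js:9:16:9:20 | title | actions.js:9:8:9:22 | `echo ${title}` |
+| actions.js:9:16:9:20 | title | actions.js:9:8:9:22 | `echo ${title}` |
+| actions.js:18:9:18:63 | head_ref | actions.js:19:22:19:29 | head_ref |
+| actions.js:18:20:18:63 | github. ... ead.ref | actions.js:18:9:18:63 | head_ref |
+| actions.js:18:20:18:63 | github. ... ead.ref | actions.js:18:9:18:63 | head_ref |
+| actions.js:19:22:19:29 | head_ref | actions.js:19:14:19:31 | `echo ${head_ref}` |
+| actions.js:19:22:19:29 | head_ref | actions.js:19:14:19:31 | `echo ${head_ref}` |
 | child_process-test.js:6:9:6:49 | cmd | child_process-test.js:17:13:17:15 | cmd |
 | child_process-test.js:6:9:6:49 | cmd | child_process-test.js:17:13:17:15 | cmd |
 | child_process-test.js:6:9:6:49 | cmd | child_process-test.js:18:17:18:19 | cmd |
@@ -344,6 +366,8 @@ edges
 | third-party-command-injection.js:5:20:5:26 | command | third-party-command-injection.js:6:21:6:27 | command |
 | third-party-command-injection.js:5:20:5:26 | command | third-party-command-injection.js:6:21:6:27 | command |
 #select
+| actions.js:9:8:9:22 | `echo ${title}` | actions.js:8:17:8:57 | github. ... t.title | actions.js:9:8:9:22 | `echo ${title}` | This command line depends on a $@. | actions.js:8:17:8:57 | github. ... t.title | user-provided value |
+| actions.js:19:14:19:31 | `echo ${head_ref}` | actions.js:18:20:18:63 | github. ... ead.ref | actions.js:19:14:19:31 | `echo ${head_ref}` | This command line depends on a $@. | actions.js:18:20:18:63 | github. ... ead.ref | user-provided value |
 | child_process-test.js:17:13:17:15 | cmd | child_process-test.js:6:25:6:31 | req.url | child_process-test.js:17:13:17:15 | cmd | This command line depends on a $@. | child_process-test.js:6:25:6:31 | req.url | user-provided value |
 | child_process-test.js:18:17:18:19 | cmd | child_process-test.js:6:25:6:31 | req.url | child_process-test.js:18:17:18:19 | cmd | This command line depends on a $@. | child_process-test.js:6:25:6:31 | req.url | user-provided value |
 | child_process-test.js:19:17:19:19 | cmd | child_process-test.js:6:25:6:31 | req.url | child_process-test.js:19:17:19:19 | cmd | This command line depends on a $@. | child_process-test.js:6:25:6:31 | req.url | user-provided value |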
Lines changed: 22 additions & 0 deletions
@@ -0,0 +1,22 @@
1+
const github = require('@actions/github');
2+
const aexec = require('@actions/exec');
3+
const { exec } = require('child_process');
4+
5+
// function to echo title
6+
function echo_title() {
7+
// get the title from the event pull request
8+
const title = github.context.payload.pull_request.title;
9+
exec(`echo ${title}`, (err, stdout, stderr) => { // NOT OK
10+
if (err) {
11+
return;
12+
}
13+
});
14+
}
15+
16+
// function which passes the issue title into an exec
17+
function exec_head_ref() {
18+
const head_ref = github.context.payload.pull_request.head.ref;
19+
aexec.exec(`echo ${head_ref}`).then((res) => { // NOT OK
20+
console.log(res);
21+
});
22+
}
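Review bot: The header comment on line 16 of the new actions.js, `// function which passes the issue title into an exec`, does not describe `exec_head_ref`, which reads `github.context.payload.pull_request.head.ref` on line 18 and never touches an issue title; a reader checking the expected results against the fixture will be misled. Suggest `// function which passes the pull request head ref into @actions/exec`, and for symmetry `// function which passes the pull request title into child_process.exec` on line 5. Both `// NOT OK` sites are reflected in the CommandInjection.expected additions, so the annotations and results agree here. The fixture has no `// OK` counterpart (a call that does not interpolate the tainted value into the command string), which would presumably be worth adding so the test also guards against false positives; the rendered section lacks the file-header line, so the path is inferred from the expected output.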

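--- a/javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/CodeInjection.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/CodeInjection.expected
@@ -13,6 +13,9 @@ nodes
 | NoSQLCodeInjection.js:22:36:22:43 | req.body |
 | NoSQLCodeInjection.js:22:36:22:43 | req.body |
 | NoSQLCodeInjection.js:22:36:22:48 | req.body.name |
+| actions.js:5:10:5:50 | github. ... message |
+| actions.js:5:10:5:50 | github. ... message |
+| actions.js:5:10:5:50 | github. ... message |
 | angularjs.js:10:22:10:36 | location.search |
 | angularjs.js:10:22:10:36 | location.search |
 | angularjs.js:10:22:10:36 | location.search |
@@ -191,6 +194,7 @@ edges
 | NoSQLCodeInjection.js:22:36:22:43 | req.body | NoSQLCodeInjection.js:22:36:22:48 | req.body.name |
 | NoSQLCodeInjection.js:22:36:22:48 | req.body.name | NoSQLCodeInjection.js:22:24:22:48 | "name = ... dy.name |
 | NoSQLCodeInjection.js:22:36:22:48 | req.body.name | NoSQLCodeInjection.js:22:24:22:48 | "name = ... dy.name |
+| actions.js:5:10:5:50 | github. ... message | actions.js:5:10:5:50 | github. ... message |
 | angularjs.js:10:22:10:36 | location.search | angularjs.js:10:22:10:36 | location.search |
 | angularjs.js:13:23:13:37 | location.search | angularjs.js:13:23:13:37 | location.search |
 | angularjs.js:16:28:16:42 | location.search | angularjs.js:16:28:16:42 | location.search |
@@ -306,6 +310,7 @@ edges
 | NoSQLCodeInjection.js:18:24:18:37 | req.body.query | NoSQLCodeInjection.js:18:24:18:31 | req.body | NoSQLCodeInjection.js:18:24:18:37 | req.body.query | This code execution depends on a $@. | NoSQLCodeInjection.js:18:24:18:31 | req.body | user-provided value |
 | NoSQLCodeInjection.js:19:24:19:48 | "name = ... dy.name | NoSQLCodeInjection.js:19:36:19:43 | req.body | NoSQLCodeInjection.js:19:24:19:48 | "name = ... dy.name | This code execution depends on a $@. | NoSQLCodeInjection.js:19:36:19:43 | req.body | user-provided value |
 | NoSQLCodeInjection.js:22:24:22:48 | "name = ... dy.name | NoSQLCodeInjection.js:22:36:22:43 | req.body | NoSQLCodeInjection.js:22:24:22:48 | "name = ... dy.name | This code execution depends on a $@. | NoSQLCodeInjection.js:22:36:22:43 | req.body | user-provided value |
+| actions.js:5:10:5:50 | github. ... message | actions.js:5:10:5:50 | github. ... message | actions.js:5:10:5:50 | github. ... message | This code execution depends on a $@. | actions.js:5:10:5:50 | github. ... message | user-provided value |
 | angularjs.js:10:22:10:36 | location.search | angularjs.js:10:22:10:36 | location.search | angularjs.js:10:22:10:36 | location.search | This code execution depends on a $@. | angularjs.js:10:22:10:36 | location.search | user-provided value |
 | angularjs.js:13:23:13:37 | location.search | angularjs.js:13:23:13:37 | location.search | angularjs.js:13:23:13:37 | location.search | This code execution depends on a $@. | angularjs.js:13:23:13:37 | location.search | user-provided value |
 | angularjs.js:16:28:16:42 | location.search | angularjs.js:16:28:16:42 | location.search | angularjs.js:16:28:16:42 | location.search | This code execution depends on a $@. | angularjs.js:16:28:16:42 | location.search | user-provided value |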

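--- a/javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/HeuristicSourceCodeInjection.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/HeuristicSourceCodeInjection.expected
@@ -13,6 +13,9 @@ nodes
 | NoSQLCodeInjection.js:22:36:22:43 | req.body |
 | NoSQLCodeInjection.js:22:36:22:43 | req.body |
 | NoSQLCodeInjection.js:22:36:22:48 | req.body.name |
+| actions.js:5:10:5:50 | github. ... message |
+| actions.js:5:10:5:50 | github. ... message |
+| actions.js:5:10:5:50 | github. ... message |
 | angularjs.js:10:22:10:36 | location.search |
 | angularjs.js:10:22:10:36 | location.search |
 | angularjs.js:10:22:10:36 | location.search |
@@ -195,6 +198,7 @@ edges
 | NoSQLCodeInjection.js:22:36:22:43 | req.body | NoSQLCodeInjection.js:22:36:22:48 | req.body.name |
 | NoSQLCodeInjection.js:22:36:22:48 | req.body.name | NoSQLCodeInjection.js:22:24:22:48 | "name = ... dy.name |
 | NoSQLCodeInjection.js:22:36:22:48 | req.body.name | NoSQLCodeInjection.js:22:24:22:48 | "name = ... dy.name |
+| actions.js:5:10:5:50 | github. ... message | actions.js:5:10:5:50 | github. ... message |
 | angularjs.js:10:22:10:36 | location.search | angularjs.js:10:22:10:36 | location.search |
 | angularjs.js:13:23:13:37 | location.search | angularjs.js:13:23:13:37 | location.search |
 | angularjs.js:16:28:16:42 | location.search | angularjs.js:16:28:16:42 | location.search |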
Lines changed: 8 additions & 0 deletions
@@ -0,0 +1,8 @@
1+
const core = require('@actions/core');
2+
const github = require('@actions/github');
3+
4+
function test() {
5+
eval(github.context.payload.commits[1].message); // NOT OK
6+
eval(core.getInput('numbers')); // NOT OK
7+
eval(core.getMultilineInput('numbers').join('\n')); // NOT OK
8+
}
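Review bot: Lines 6 and 7 of the new CWE-094 actions.js, `eval(core.getInput('numbers'))` and `eval(core.getMultilineInput('numbers').join('\n'))`, are annotated `// NOT OK`, but the CodeInjection.expected and HeuristicSourceCodeInjection.expected hunks in this commit only add results for `actions.js:5:10:5:50` (the `commits[1].message` call); the annotations and the expected output disagree for the two `@actions/core` inputs. Either the expected files are missing those results, or — presumably, since the commit only adds tests — the `core.getInput`/`getMultilineInput` sources are not modeled yet, in which case the annotations should say so, e.g. `// NOT OK - but not flagged`, so the gap is visible rather than silently passing. The rendered section lacks the file-header line, so the path is inferred from the expected output.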
