Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit e543097

Browse files
asger-semmleasger-semmle
committed
JS: Add test
1 parent ff574e5 commit e543097

2 files changed

Lines changed: 27 additions & 0 deletions

File tree

javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,8 @@
1212
| callbacks.js:44:17:44:24 | source() | callbacks.js:41:10:41:10 | x |
1313
| callbacks.js:50:18:50:25 | source() | callbacks.js:30:29:30:29 | y |
1414
| callbacks.js:51:18:51:25 | source() | callbacks.js:30:29:30:29 | y |
15+
| captured-sanitizer.js:25:3:25:10 | source() | captured-sanitizer.js:13:12:13:12 | x |
16+
| captured-sanitizer.js:25:3:25:10 | source() | captured-sanitizer.js:15:10:15:10 | x |
1517
| closure.js:6:15:6:22 | source() | closure.js:8:8:8:31 | string. ... (taint) |
1618
| closure.js:6:15:6:22 | source() | closure.js:9:8:9:25 | string.trim(taint) |
1719
| closure.js:6:15:6:22 | source() | closure.js:10:8:10:33 | string. ... nt, 50) |

javascript/ql/test/library-tests/TaintTracking/captured-sanitizer.js

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
import * as dummy from 'dummy';
2+
3+
function f(x) {
4+
useVar();
5+
useVar();
6+
mutateVar();
7+
mutateVar();
8+
9+
function useVar() {
10+
if (isSafe(x)) {
11+
causeReCapture();
12+
causeReCapture();
13+
sink(x); // OK
14+
}
15+
sink(x); // NOT OK
16+
}
17+
18+
function causeReCapture() {}
19+
20+
function mutateVar() {
21+
x = null;
22+
}
23+
}
24+
25+
f(source());

0 commit comments

Comments
 (0)