File tree Expand file tree Collapse file tree 2 files changed +31
-0
lines changed
javascript/ql/test/library-tests/TaintTracking Expand file tree Collapse file tree 2 files changed +31
-0
lines changed Original file line number Diff line number Diff line change @@ -68,6 +68,18 @@ typeInferenceMismatch
68
68
| exceptions.js:158:13:158:20 | source() | exceptions.js:161:10:161:10 | e |
69
69
| importedReactComponent.jsx:4:40:4:47 | source() | exportedReactComponent.jsx:2:10:2:19 | props.text |
70
70
| indexOf.js:4:11:4:18 | source() | indexOf.js:9:10:9:10 | x |
71
+ | json-serializers.js:2:16:2:23 | source() | json-serializers.js:5:8:5:29 | JSON.st ... source) |
72
+ | json-serializers.js:2:16:2:23 | source() | json-serializers.js:9:8:9:47 | require ... source) |
73
+ | json-serializers.js:2:16:2:23 | source() | json-serializers.js:10:8:10:42 | require ... source) |
74
+ | json-serializers.js:2:16:2:23 | source() | json-serializers.js:11:8:11:41 | require ... source) |
75
+ | json-serializers.js:2:16:2:23 | source() | json-serializers.js:12:8:12:52 | require ... source) |
76
+ | json-serializers.js:2:16:2:23 | source() | json-serializers.js:13:8:13:45 | require ... source) |
77
+ | json-serializers.js:2:16:2:23 | source() | json-serializers.js:14:8:14:46 | require ... source) |
78
+ | json-serializers.js:2:16:2:23 | source() | json-serializers.js:15:8:15:38 | require ... source) |
79
+ | json-serializers.js:2:16:2:23 | source() | json-serializers.js:16:8:16:38 | require ... source) |
80
+ | json-serializers.js:2:16:2:23 | source() | json-serializers.js:17:8:17:39 | require ... source) |
81
+ | json-serializers.js:2:16:2:23 | source() | json-serializers.js:18:8:18:40 | require ... source) |
82
+ | json-serializers.js:3:15:3:22 | source() | json-serializers.js:8:8:8:31 | jsonStr ... (taint) |
71
83
| nested-props.js:4:13:4:20 | source() | nested-props.js:5:10:5:14 | obj.x |
72
84
| nested-props.js:9:18:9:25 | source() | nested-props.js:10:10:10:16 | obj.x.y |
73
85
| nested-props.js:35:13:35:20 | source() | nested-props.js:36:10:36:20 | doLoad(obj) |
Original file line number Diff line number Diff line change
1
+ function foo ( ) {
2
+ let source = source ( ) ;
3
+ let taint = source ( ) ;
4
+
5
+ sink ( JSON . stringify ( source ) ) ; // NOT OK
6
+
7
+ var jsonStringifySafe = require ( "json-stringify-safe" ) ;
8
+ sink ( jsonStringifySafe ( taint ) ) ; // NOT OK
9
+ sink ( require ( "json-stable-stringify" ) ( source ) ) ; // NOT OK
10
+ sink ( require ( "stringify-object" ) ( source ) ) ; // NOT OK
11
+ sink ( require ( "json3" ) . stringify ( source ) ) ; // NOT OK
12
+ sink ( require ( "fast-json-stable-stringify" ) ( source ) ) ; // NOT OK
13
+ sink ( require ( "fast-safe-stringify" ) ( source ) ) ; // NOT OK
14
+ sink ( require ( "javascript-stringify" ) ( source ) ) ; // NOT OK
15
+ sink ( require ( "js-stringify" ) ( source ) ) ; // NOT OK
16
+ sink ( require ( "util" ) . inspect ( source ) ) ; // NOT OK
17
+ sink ( require ( "pretty-format" ) ( source ) ) ; // NOT OK
18
+ sink ( require ( "object-inspect" ) ( source ) ) ; // NOT OK
19
+ }
You can’t perform that action at this time.
0 commit comments