JS: Add test for fs/promises

asgerf · asgerf · commit 06bc0f695728 · 2023-07-10T12:05:03.000+02:00
diff --git a/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected b/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected
@@ -2813,6 +2813,92 @@ nodes
 | other-fs-libraries.js:72:15:72:18 | path |
 | other-fs-libraries.js:72:15:72:18 | path |
 | other-fs-libraries.js:72:15:72:18 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:24:77:30 | req.url |
+| other-fs-libraries.js:77:24:77:30 | req.url |
+| other-fs-libraries.js:77:24:77:30 | req.url |
+| other-fs-libraries.js:77:24:77:30 | req.url |
+| other-fs-libraries.js:77:24:77:30 | req.url |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:79:16:79:19 | path |
 | prettier.js:6:11:6:28 | p |
 | prettier.js:6:11:6:28 | p |
 | prettier.js:6:11:6:28 | p |
@@ -8288,6 +8374,118 @@ edges
 | other-fs-libraries.js:68:24:68:30 | req.url | other-fs-libraries.js:68:14:68:37 | url.par ... , true) |
 | other-fs-libraries.js:68:24:68:30 | req.url | other-fs-libraries.js:68:14:68:37 | url.par ... , true) |
 | other-fs-libraries.js:68:24:68:30 | req.url | other-fs-libraries.js:68:14:68:37 | url.par ... , true) |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:7:77:48 | path | other-fs-libraries.js:79:16:79:19 | path |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:37 | url.par ... , true) | other-fs-libraries.js:77:14:77:43 | url.par ... ).query |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:43 | url.par ... ).query | other-fs-libraries.js:77:14:77:48 | url.par ... ry.path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:14:77:48 | url.par ... ry.path | other-fs-libraries.js:77:7:77:48 | path |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
+| other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:77:14:77:37 | url.par ... , true) |
 | prettier.js:6:11:6:28 | p | prettier.js:7:28:7:28 | p |
 | prettier.js:6:11:6:28 | p | prettier.js:7:28:7:28 | p |
 | prettier.js:6:11:6:28 | p | prettier.js:7:28:7:28 | p |
@@ -10187,6 +10385,7 @@ edges
 | other-fs-libraries.js:70:19:70:22 | path | other-fs-libraries.js:68:24:68:30 | req.url | other-fs-libraries.js:70:19:70:22 | path | This path depends on a $@. | other-fs-libraries.js:68:24:68:30 | req.url | user-provided value |
 | other-fs-libraries.js:71:10:71:13 | path | other-fs-libraries.js:68:24:68:30 | req.url | other-fs-libraries.js:71:10:71:13 | path | This path depends on a $@. | other-fs-libraries.js:68:24:68:30 | req.url | user-provided value |
 | other-fs-libraries.js:72:15:72:18 | path | other-fs-libraries.js:68:24:68:30 | req.url | other-fs-libraries.js:72:15:72:18 | path | This path depends on a $@. | other-fs-libraries.js:68:24:68:30 | req.url | user-provided value |
+| other-fs-libraries.js:79:16:79:19 | path | other-fs-libraries.js:77:24:77:30 | req.url | other-fs-libraries.js:79:16:79:19 | path | This path depends on a $@. | other-fs-libraries.js:77:24:77:30 | req.url | user-provided value |
 | prettier.js:7:28:7:28 | p | prettier.js:6:13:6:13 | p | prettier.js:7:28:7:28 | p | This path depends on a $@. | prettier.js:6:13:6:13 | p | user-provided value |
 | prettier.js:11:44:11:44 | p | prettier.js:6:13:6:13 | p | prettier.js:11:44:11:44 | p | This path depends on a $@. | prettier.js:6:13:6:13 | p | user-provided value |
 | pupeteer.js:9:28:9:34 | tainted | pupeteer.js:5:28:5:53 | parseTo ... t).name | pupeteer.js:9:28:9:34 | tainted | This path depends on a $@. | pupeteer.js:5:28:5:53 | parseTo ... t).name | user-provided value |
diff --git a/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/fs.js b/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/fs.js
@@ -45,4 +45,12 @@ var fs = {};
  */
 fs.readFileSync = function(filename, encoding) {};
 
+/**
+ * @param {string} filename
+ * @param {string} encoding
+ * @param {(function(NodeJS.ErrnoException, string): void)} callback
+ * @return {void}
+ */
+fs.readFile = function(filename, encoding, callback) {};
+
 module.exports = fs;
diff --git a/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/other-fs-libraries.js b/javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/other-fs-libraries.js
@@ -71,3 +71,10 @@ http.createServer(function(req, res) {
   mkdirp(path); // NOT OK
   mkdirp.sync(path); // NOT OK
 });
+
+const fsp = require("fs/promises");
+http.createServer(function(req, res) {
+  var path = url.parse(req.url, true).query.path;
+
+  fsp.readFile(path); // NOT OK
+});
