File tree Expand file tree Collapse file tree 2 files changed +19
-0
lines changed
javascript/ql/test/library-tests/TaintTracking Expand file tree Collapse file tree 2 files changed +19
-0
lines changed Original file line number Diff line number Diff line change 1+ | access-path-sanitizer.js:2:18:2:25 | source() | access-path-sanitizer.js:4:8:4:12 | obj.x |
2+ | access-path-sanitizer.js:2:18:2:25 | source() | access-path-sanitizer.js:15:10:15:14 | obj.x |
13| addexpr.js:4:10:4:17 | source() | addexpr.js:7:8:7:8 | x |
24| addexpr.js:11:15:11:22 | source() | addexpr.js:21:8:21:12 | value |
35| advanced-callgraph.js:2:13:2:20 | source() | advanced-callgraph.js:6:22:6:22 | v |
Original file line number Diff line number Diff line change 1+ function foo ( ) {
2+ let obj = { x : source ( ) } ;
3+
4+ sink ( obj . x ) ; // NOT OK
5+
6+ if ( isSafe ( obj . x ) ) {
7+ sink ( obj . x ) ; // OK
8+ }
9+
10+ if ( typeof obj === "object" && isSafe ( obj . x ) ) {
11+ sink ( obj . x ) ; // OK
12+ }
13+
14+ if ( isSafe ( obj . x ) && typeof obj === "object" ) {
15+ sink ( obj . x ) ; // OK - but flagged anyway
16+ }
17+ }
You can’t perform that action at this time.
0 commit comments