JS: add newline removal tests for js/incomplete-sanitization

Esben Sparre Andreasen · Esben Sparre Andreasen · commit bdbd00e046a5 · 2019-04-23T08:37:39.000+02:00
diff --git a/javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/IncompleteSanitization.expected b/javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/IncompleteSanitization.expected
@@ -25,4 +25,7 @@
 | tst.js:140:2:140:27 | s.repla ... replace | This replaces only the first occurrence of /}/. |
 | tst.js:141:2:141:10 | s.replace | This replaces only the first occurrence of ']'. |
 | tst.js:141:2:141:27 | s.repla ... replace | This replaces only the first occurrence of '['. |
-| tst.js:185:9:185:17 | s.replace | This replaces only the first occurrence of /'/. |
+| tst.js:146:2:146:68 | require ... replace | This replaces only the first occurrence of "\\n". |
+| tst.js:148:2:148:10 | x.replace | This replaces only the first occurrence of "\\n". |
+| tst.js:149:2:149:24 | x.repla ... replace | This replaces only the first occurrence of "\\n". |
+| tst.js:193:9:193:17 | s.replace | This replaces only the first occurrence of /'/. |
diff --git a/javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/tst.js b/javascript/ql/test/query-tests/Security/CWE-116/IncompleteSanitization/tst.js
@@ -141,6 +141,14 @@ function good12(s) {
 	s.replace(']', '').replace('[', ''); // probably OK, but still flagged
 }
 
+function newlines(s) {
+	// motivation for whitelist
+	require("child_process").execSync("which emacs").toString().replace("\n", ""); // OK
+
+	x.replace("\n", "").replace(x, y); // NOT OK
+	x.replace(x, y).replace("\n", ""); // NOT OK
+}
+
 app.get('/some/path', function(req, res) {
   let untrusted = req.param("p");
 
