JS: Add regression test

asger-semmle · asger-semmle · commit ebd7875cae96 · 2019-09-06T15:38:55.000+01:00
diff --git a/javascript/ql/test/query-tests/Security/CWE-020/IncorrectSuffixCheck.expected b/javascript/ql/test/query-tests/Security/CWE-020/IncorrectSuffixCheck.expected
@@ -9,3 +9,5 @@
 | tst.js:67:32:67:71 | x.index ... gth - 1 | This suffix check is missing a length comparison to correctly handle indexOf returning -1. |
 | tst.js:76:25:76:57 | index = ... gth - 1 | This suffix check is missing a length comparison to correctly handle indexOf returning -1. |
 | tst.js:80:10:80:57 | x.index ... th + 1) | This suffix check is missing a length comparison to correctly handle indexOf returning -1. |
+| tst.js:94:49:94:112 | x.lastI ... .length | This suffix check is missing a length comparison to correctly handle lastIndexOf returning -1. |
+| tst.js:98:49:98:112 | x.lastI ... .length | This suffix check is missing a length comparison to correctly handle lastIndexOf returning -1. |
diff --git a/javascript/ql/test/query-tests/Security/CWE-020/tst.js b/javascript/ql/test/query-tests/Security/CWE-020/tst.js
@@ -89,3 +89,11 @@ function withIndexOfCheckLowerEq(x, y) {
   let index = x.indexOf(y);
   return !(index <= -1) && index === x.length - y.length - 1; // OK
 }
+
+function lastIndexNeqMinusOne(x) {
+  return x.lastIndexOf("example.com") !== -1 && x.lastIndexOf("example.com") === x.length - "example.com".length; // OK
+}
+
+function lastIndexEqMinusOne(x) {
+  return x.lastIndexOf("example.com") === -1 || x.lastIndexOf("example.com") === x.length - "example.com".length; // OK
+}
