Skip to content

Commit fd2e9f1

Browse files
asger-semmleasger-semmle
committed
JS: shift line numbers in RequestForgery test
1 parent bfe88e9 commit fd2e9f1

File tree

2 files changed

+38
-36
lines changed

2 files changed

+38
-36
lines changed

javascript/ql/test/query-tests/Security/CWE-918/RequestForgery.expected

Lines changed: 36 additions & 36 deletions
Original file line numberDiff line numberDiff line change
@@ -1,39 +1,39 @@
11
nodes
2-
| tst.js:12:9:12:52 | tainted |
3-
| tst.js:12:19:12:42 | url.par ... , true) |
4-
| tst.js:12:19:12:48 | url.par ... ).query |
5-
| tst.js:12:19:12:52 | url.par ... ery.url |
6-
| tst.js:12:29:12:35 | req.url |
7-
| tst.js:16:13:16:19 | tainted |
8-
| tst.js:18:17:18:23 | tainted |
9-
| tst.js:21:19:21:25 | tainted |
10-
| tst.js:24:13:24:31 | "http://" + tainted |
11-
| tst.js:24:25:24:31 | tainted |
12-
| tst.js:26:13:26:42 | "http:/ ... tainted |
13-
| tst.js:26:36:26:42 | tainted |
14-
| tst.js:28:13:28:43 | "http:/ ... tainted |
15-
| tst.js:28:37:28:43 | tainted |
16-
| tst.js:32:34:32:40 | tainted |
2+
| tst.js:14:9:14:52 | tainted |
3+
| tst.js:14:19:14:42 | url.par ... , true) |
4+
| tst.js:14:19:14:48 | url.par ... ).query |
5+
| tst.js:14:19:14:52 | url.par ... ery.url |
6+
| tst.js:14:29:14:35 | req.url |
7+
| tst.js:18:13:18:19 | tainted |
8+
| tst.js:20:17:20:23 | tainted |
9+
| tst.js:23:19:23:25 | tainted |
10+
| tst.js:26:13:26:31 | "http://" + tainted |
11+
| tst.js:26:25:26:31 | tainted |
12+
| tst.js:28:13:28:42 | "http:/ ... tainted |
13+
| tst.js:28:36:28:42 | tainted |
14+
| tst.js:30:13:30:43 | "http:/ ... tainted |
15+
| tst.js:30:37:30:43 | tainted |
16+
| tst.js:34:34:34:40 | tainted |
1717
edges
18-
| tst.js:12:9:12:52 | tainted | tst.js:16:13:16:19 | tainted |
19-
| tst.js:12:9:12:52 | tainted | tst.js:18:17:18:23 | tainted |
20-
| tst.js:12:9:12:52 | tainted | tst.js:21:19:21:25 | tainted |
21-
| tst.js:12:9:12:52 | tainted | tst.js:24:25:24:31 | tainted |
22-
| tst.js:12:9:12:52 | tainted | tst.js:26:36:26:42 | tainted |
23-
| tst.js:12:9:12:52 | tainted | tst.js:28:37:28:43 | tainted |
24-
| tst.js:12:9:12:52 | tainted | tst.js:32:34:32:40 | tainted |
25-
| tst.js:12:19:12:42 | url.par ... , true) | tst.js:12:19:12:48 | url.par ... ).query |
26-
| tst.js:12:19:12:48 | url.par ... ).query | tst.js:12:19:12:52 | url.par ... ery.url |
27-
| tst.js:12:19:12:52 | url.par ... ery.url | tst.js:12:9:12:52 | tainted |
28-
| tst.js:12:29:12:35 | req.url | tst.js:12:19:12:42 | url.par ... , true) |
29-
| tst.js:24:25:24:31 | tainted | tst.js:24:13:24:31 | "http://" + tainted |
30-
| tst.js:26:36:26:42 | tainted | tst.js:26:13:26:42 | "http:/ ... tainted |
31-
| tst.js:28:37:28:43 | tainted | tst.js:28:13:28:43 | "http:/ ... tainted |
18+
| tst.js:14:9:14:52 | tainted | tst.js:18:13:18:19 | tainted |
19+
| tst.js:14:9:14:52 | tainted | tst.js:20:17:20:23 | tainted |
20+
| tst.js:14:9:14:52 | tainted | tst.js:23:19:23:25 | tainted |
21+
| tst.js:14:9:14:52 | tainted | tst.js:26:25:26:31 | tainted |
22+
| tst.js:14:9:14:52 | tainted | tst.js:28:36:28:42 | tainted |
23+
| tst.js:14:9:14:52 | tainted | tst.js:30:37:30:43 | tainted |
24+
| tst.js:14:9:14:52 | tainted | tst.js:34:34:34:40 | tainted |
25+
| tst.js:14:19:14:42 | url.par ... , true) | tst.js:14:19:14:48 | url.par ... ).query |
26+
| tst.js:14:19:14:48 | url.par ... ).query | tst.js:14:19:14:52 | url.par ... ery.url |
27+
| tst.js:14:19:14:52 | url.par ... ery.url | tst.js:14:9:14:52 | tainted |
28+
| tst.js:14:29:14:35 | req.url | tst.js:14:19:14:42 | url.par ... , true) |
29+
| tst.js:26:25:26:31 | tainted | tst.js:26:13:26:31 | "http://" + tainted |
30+
| tst.js:28:36:28:42 | tainted | tst.js:28:13:28:42 | "http:/ ... tainted |
31+
| tst.js:30:37:30:43 | tainted | tst.js:30:13:30:43 | "http:/ ... tainted |
3232
#select
33-
| tst.js:16:5:16:20 | request(tainted) | tst.js:12:29:12:35 | req.url | tst.js:16:13:16:19 | tainted | The $@ of this request depends on $@. | tst.js:16:13:16:19 | tainted | URL | tst.js:12:29:12:35 | req.url | a user-provided value |
34-
| tst.js:18:5:18:24 | request.get(tainted) | tst.js:12:29:12:35 | req.url | tst.js:18:17:18:23 | tainted | The $@ of this request depends on $@. | tst.js:18:17:18:23 | tainted | URL | tst.js:12:29:12:35 | req.url | a user-provided value |
35-
| tst.js:22:5:22:20 | request(options) | tst.js:12:29:12:35 | req.url | tst.js:21:19:21:25 | tainted | The $@ of this request depends on $@. | tst.js:21:19:21:25 | tainted | URL | tst.js:12:29:12:35 | req.url | a user-provided value |
36-
| tst.js:24:5:24:32 | request ... ainted) | tst.js:12:29:12:35 | req.url | tst.js:24:13:24:31 | "http://" + tainted | The $@ of this request depends on $@. | tst.js:24:13:24:31 | "http://" + tainted | URL | tst.js:12:29:12:35 | req.url | a user-provided value |
37-
| tst.js:26:5:26:43 | request ... ainted) | tst.js:12:29:12:35 | req.url | tst.js:26:13:26:42 | "http:/ ... tainted | The $@ of this request depends on $@. | tst.js:26:13:26:42 | "http:/ ... tainted | URL | tst.js:12:29:12:35 | req.url | a user-provided value |
38-
| tst.js:28:5:28:44 | request ... ainted) | tst.js:12:29:12:35 | req.url | tst.js:28:13:28:43 | "http:/ ... tainted | The $@ of this request depends on $@. | tst.js:28:13:28:43 | "http:/ ... tainted | URL | tst.js:12:29:12:35 | req.url | a user-provided value |
39-
| tst.js:32:5:32:42 | http.ge ... inted}) | tst.js:12:29:12:35 | req.url | tst.js:32:34:32:40 | tainted | The $@ of this request depends on $@. | tst.js:32:34:32:40 | tainted | host | tst.js:12:29:12:35 | req.url | a user-provided value |
33+
| tst.js:18:5:18:20 | request(tainted) | tst.js:14:29:14:35 | req.url | tst.js:18:13:18:19 | tainted | The $@ of this request depends on $@. | tst.js:18:13:18:19 | tainted | URL | tst.js:14:29:14:35 | req.url | a user-provided value |
34+
| tst.js:20:5:20:24 | request.get(tainted) | tst.js:14:29:14:35 | req.url | tst.js:20:17:20:23 | tainted | The $@ of this request depends on $@. | tst.js:20:17:20:23 | tainted | URL | tst.js:14:29:14:35 | req.url | a user-provided value |
35+
| tst.js:24:5:24:20 | request(options) | tst.js:14:29:14:35 | req.url | tst.js:23:19:23:25 | tainted | The $@ of this request depends on $@. | tst.js:23:19:23:25 | tainted | URL | tst.js:14:29:14:35 | req.url | a user-provided value |
36+
| tst.js:26:5:26:32 | request ... ainted) | tst.js:14:29:14:35 | req.url | tst.js:26:13:26:31 | "http://" + tainted | The $@ of this request depends on $@. | tst.js:26:13:26:31 | "http://" + tainted | URL | tst.js:14:29:14:35 | req.url | a user-provided value |
37+
| tst.js:28:5:28:43 | request ... ainted) | tst.js:14:29:14:35 | req.url | tst.js:28:13:28:42 | "http:/ ... tainted | The $@ of this request depends on $@. | tst.js:28:13:28:42 | "http:/ ... tainted | URL | tst.js:14:29:14:35 | req.url | a user-provided value |
38+
| tst.js:30:5:30:44 | request ... ainted) | tst.js:14:29:14:35 | req.url | tst.js:30:13:30:43 | "http:/ ... tainted | The $@ of this request depends on $@. | tst.js:30:13:30:43 | "http:/ ... tainted | URL | tst.js:14:29:14:35 | req.url | a user-provided value |
39+
| tst.js:34:5:34:42 | http.ge ... inted}) | tst.js:14:29:14:35 | req.url | tst.js:34:34:34:40 | tainted | The $@ of this request depends on $@. | tst.js:34:34:34:40 | tainted | host | tst.js:14:29:14:35 | req.url | a user-provided value |

javascript/ql/test/query-tests/Security/CWE-918/tst.js

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,8 @@ import got from 'got';
88
import nodeFetch from 'node-fetch';
99
import url from 'url';
1010

11+
12+
1113
var server = http.createServer(function(req, res) {
1214
var tainted = url.parse(req.url, true).query.url;
1315

0 commit comments

Comments
 (0)