File tree Expand file tree Collapse file tree 3 files changed +21
-0
lines changed
javascript/ql/test/library-tests/TaintTracking Expand file tree Collapse file tree 3 files changed +21
-0
lines changed Original file line number Diff line number Diff line change @@ -5,6 +5,7 @@ legacyDataFlowDifference
55| callbacks.js:37:17:37:24 | source() | callbacks.js:41:10:41:10 | x | only flow with NEW data flow library |
66| callbacks.js:44:17:44:24 | source() | callbacks.js:37:37:37:37 | x | only flow with NEW data flow library |
77| callbacks.js:44:17:44:24 | source() | callbacks.js:38:35:38:35 | x | only flow with NEW data flow library |
8+ | callbacks.js:73:17:73:24 | source() | callbacks.js:74:35:74:35 | x | only flow with NEW data flow library |
89| capture-flow.js:89:13:89:20 | source() | capture-flow.js:89:6:89:21 | test3c(source()) | only flow with NEW data flow library |
910| capture-flow.js:101:12:101:19 | source() | capture-flow.js:102:6:102:20 | test5("safe")() | only flow with OLD data flow library |
1011| capture-flow.js:274:33:274:40 | source() | capture-flow.js:272:10:272:17 | this.foo | only flow with OLD data flow library |
9293| callbacks.js:50:18:50:25 | source() | callbacks.js:30:29:30:29 | y |
9394| callbacks.js:51:18:51:25 | source() | callbacks.js:30:29:30:29 | y |
9495| callbacks.js:53:23:53:30 | source() | callbacks.js:58:10:58:10 | x |
96+ | callbacks.js:73:17:73:24 | source() | callbacks.js:73:37:73:37 | x |
97+ | callbacks.js:73:17:73:24 | source() | callbacks.js:74:35:74:35 | x |
9598| capture-flow.js:9:11:9:18 | source() | capture-flow.js:14:10:14:16 | outer() |
9699| capture-flow.js:9:11:9:18 | source() | capture-flow.js:19:6:19:16 | outerMost() |
97100| capture-flow.js:31:14:31:21 | source() | capture-flow.js:31:6:31:22 | confuse(source()) |
Original file line number Diff line number Diff line change @@ -7,6 +7,7 @@ legacyDataFlowDifference
77| callbacks.js:37:17:37:24 | source() | callbacks.js:41:10:41:10 | x | only flow with NEW data flow library |
88| callbacks.js:44:17:44:24 | source() | callbacks.js:37:37:37:37 | x | only flow with NEW data flow library |
99| callbacks.js:44:17:44:24 | source() | callbacks.js:38:35:38:35 | x | only flow with NEW data flow library |
10+ | callbacks.js:73:17:73:24 | source() | callbacks.js:74:35:74:35 | x | only flow with NEW data flow library |
1011| capture-flow.js:89:13:89:20 | source() | capture-flow.js:89:6:89:21 | test3c(source()) | only flow with NEW data flow library |
1112| capture-flow.js:101:12:101:19 | source() | capture-flow.js:102:6:102:20 | test5("safe")() | only flow with OLD data flow library |
1213| capture-flow.js:274:33:274:40 | source() | capture-flow.js:272:10:272:17 | this.foo | only flow with OLD data flow library |
6768| callbacks.js:50:18:50:25 | source() | callbacks.js:30:29:30:29 | y |
6869| callbacks.js:51:18:51:25 | source() | callbacks.js:30:29:30:29 | y |
6970| callbacks.js:53:23:53:30 | source() | callbacks.js:58:10:58:10 | x |
71+ | callbacks.js:73:17:73:24 | source() | callbacks.js:73:37:73:37 | x |
72+ | callbacks.js:73:17:73:24 | source() | callbacks.js:74:35:74:35 | x |
7073| capture-flow.js:9:11:9:18 | source() | capture-flow.js:14:10:14:16 | outer() |
7174| capture-flow.js:9:11:9:18 | source() | capture-flow.js:19:6:19:16 | outerMost() |
7275| capture-flow.js:31:14:31:21 | source() | capture-flow.js:31:6:31:22 | confuse(source()) |
Original file line number Diff line number Diff line change @@ -58,3 +58,18 @@ function test() {
5858 sink ( x ) ; // NOT OK
5959 } ) ;
6060}
61+
62+ function forwardTaint3 ( x , cb ) {
63+ cb ( x ) ; // Same as 'forwardTaint' but copied to avoid interference between tests
64+ cb ( x ) ;
65+ }
66+
67+ function forwardTaint4 ( x , cb ) {
68+ forwardTaint3 ( x , cb ) ; // Same as 'forwardTaint2' but copied to avoid interference between tests
69+ forwardTaint3 ( x , cb ) ;
70+ }
71+
72+ function test2 ( ) {
73+ forwardTaint4 ( source ( ) , x => sink ( x ) ) ; // NOT OK
74+ forwardTaint4 ( "safe" , x => sink ( x ) ) ; // OK [INCONSISTENCY]
75+ }
You can’t perform that action at this time.
0 commit comments