
Commit aaa9c8d

committed
JS: More effects on tests.
1 parent 1d1cf0e commit aaa9c8d


11 files changed

+100
-35
lines changed


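--- a/javascript/ql/test/library-tests/Promises/tests.expected
+++ b/javascript/ql/test/library-tests/Promises/tests.expected
@@ -275,6 +275,10 @@ flow
 | flow.js:136:15:136:22 | "source" | flow.js:155:9:155:9 | e |
 exclusiveTaintFlow
 | flow2.js:2:15:2:22 | "source" | flow2.js:5:8:5:10 | arr |
+| flow2.js:2:15:2:22 | "source" | flow2.js:7:8:7:13 | arr[1] |
+| flow2.js:2:15:2:22 | "source" | flow2.js:11:7:11:11 | clean |
+| flow2.js:2:15:2:22 | "source" | flow2.js:15:7:15:12 | clean2 |
+| flow2.js:2:15:2:22 | "source" | flow2.js:19:7:19:12 | clean3 |
 | flow.js:136:15:136:22 | "source" | flow.js:141:7:141:13 | async() |
 | flow.js:160:15:160:22 | "source" | flow.js:164:39:164:39 | x |
 | flow.js:160:15:160:22 | "source" | flow.js:167:7:167:9 | foo |
@@ -468,3 +472,7 @@ valueFlowDifference
 | flow2.js:2:15:2:22 | "source" | flow2.js:20:7:20:14 | tainted3 | only flow with NEW data flow library |
 taintFlowDifference
 | flow2.js:2:15:2:22 | "source" | flow2.js:5:8:5:10 | arr | only flow with NEW data flow library |
+| flow2.js:2:15:2:22 | "source" | flow2.js:7:8:7:13 | arr[1] | only flow with NEW data flow library |
+| flow2.js:2:15:2:22 | "source" | flow2.js:11:7:11:11 | clean | only flow with NEW data flow library |
+| flow2.js:2:15:2:22 | "source" | flow2.js:15:7:15:12 | clean2 | only flow with NEW data flow library |
+| flow2.js:2:15:2:22 | "source" | flow2.js:19:7:19:12 | clean3 | only flow with NEW data flow library |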

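--- a/javascript/ql/test/library-tests/TripleDot/arrays.js
+++ b/javascript/ql/test/library-tests/TripleDot/arrays.js
@@ -2,8 +2,8 @@ import 'dummy';
 
 function shiftKnown() {
 let array = [source('shift.1'), source('shift.2')];
-sink(array.shift()); // $ hasValueFlow=shift.1
-sink(array.shift()); // $ SPURIOUS: hasValueFlow=shift.1 MISSING: hasValueFlow=shift.2
+sink(array.shift()); // $ hasValueFlow=shift.1 SPURIOUS: hasTaintFlow=shift.2
+sink(array.shift()); // $ SPURIOUS: hasValueFlow=shift.1 hasTaintFlow=shift.2 MISSING: hasValueFlow=shift.2
 }
 
 function shiftUnknown() {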
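Review bot: On the second `sink(array.shift())` in shiftKnown, `hasTaintFlow=shift.2` is filed under `SPURIOUS:` while `hasValueFlow=shift.2` is `MISSING:` on the same line, which reads as if shift.2 should not reach that sink at all. The second shift() does return the shift.2 source, so the flow is real and only its kind is weaker than intended. The `SPURIOUS: hasTaintFlow=shift.2` on the first call is the actual false positive and deserves to be told apart from it. A comment on the line above the second call, e.g. `// shift.2 is currently found as taint only; it should be value flow`, would keep a later reader from treating both as the same defect.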

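--- a/javascript/ql/test/library-tests/TripleDot/tst.js
+++ b/javascript/ql/test/library-tests/TripleDot/tst.js
@@ -2,8 +2,8 @@ import 'dummy';
 
 function t1() {
 function target(...rest) {
-sink(rest[0]); // $ hasValueFlow=t1.1
-sink(rest[1]); // $ hasValueFlow=t1.2
+sink(rest[0]); // $ hasValueFlow=t1.1 SPURIOUS: hasTaintFlow=t1.2
+sink(rest[1]); // $ hasValueFlow=t1.2 SPURIOUS: hasTaintFlow=t1.1
 sink(rest.join(',')); // $ hasTaintFlow=t1.1 hasTaintFlow=t1.2
 }
 target(source('t1.1'), source('t1.2'));
@@ -19,9 +19,9 @@ function t2() {
 
 function t3() {
 function finalTarget(x, y, z) {
-sink(x); // $ hasValueFlow=t3.1
-sink(y); // $ hasValueFlow=t3.2
-sink(z); // $ hasValueFlow=t3.3
+sink(x); // $ hasValueFlow=t3.1 SPURIOUS: hasTaintFlow=t3.2 hasTaintFlow=t3.3
+sink(y); // $ hasValueFlow=t3.2 SPURIOUS: hasTaintFlow=t3.1 hasTaintFlow=t3.3
+sink(z); // $ hasValueFlow=t3.3 SPURIOUS: hasTaintFlow=t3.1 hasTaintFlow=t3.2
 }
 function target(...rest) {
 finalTarget(...rest);
@@ -31,10 +31,10 @@ function t3() {
 
 function t4() {
 function finalTarget(w, x, y, z) {
-sink(w); // $ hasValueFlow=t4.0
-sink(x); // $ hasValueFlow=t4.1
-sink(y); // $ hasValueFlow=t4.2
-sink(z); // $ hasValueFlow=t4.3
+sink(w); // $ hasValueFlow=t4.0 SPURIOUS: hasTaintFlow=t4.1 hasTaintFlow=t4.2 hasTaintFlow=t4.3
+sink(x); // $ hasValueFlow=t4.1 SPURIOUS: hasTaintFlow=t4.2 hasTaintFlow=t4.3
+sink(y); // $ hasValueFlow=t4.2 SPURIOUS: hasTaintFlow=t4.1 hasTaintFlow=t4.3
+sink(z); // $ hasValueFlow=t4.3 SPURIOUS: hasTaintFlow=t4.1 hasTaintFlow=t4.2
 }
 function target(...rest) {
 finalTarget(source('t4.0'), ...rest);
@@ -44,10 +44,10 @@ function t4() {
 
 function t5() {
 function finalTarget(w, x, y, z) {
-sink(w); // $ hasValueFlow=t5.0
-sink(x); // $ hasValueFlow=t5.1
-sink(y); // $ hasValueFlow=t5.2
-sink(z); // $ hasValueFlow=t5.3
+sink(w); // $ hasValueFlow=t5.0 SPURIOUS: hasTaintFlow=t5.1 hasTaintFlow=t5.2 hasTaintFlow=t5.3
+sink(x); // $ hasValueFlow=t5.1 SPURIOUS: hasTaintFlow=t5.2 hasTaintFlow=t5.3
+sink(y); // $ hasValueFlow=t5.2 SPURIOUS: hasTaintFlow=t5.1 hasTaintFlow=t5.3
+sink(z); // $ hasValueFlow=t5.3 SPURIOUS: hasTaintFlow=t5.1 hasTaintFlow=t5.2
 }
 function target(array) {
 finalTarget(source('t5.0'), ...array);
@@ -58,18 +58,18 @@ function t5() {
 function t6() {
 function target(x) {
 sink(x); // $ hasValueFlow=t6.1
-sink(arguments[0]);// $ hasValueFlow=t6.1
-sink(arguments[1]);// $ hasValueFlow=t6.2
-sink(arguments[2]);// $ hasValueFlow=t6.3
+sink(arguments[0]);// $ hasValueFlow=t6.1 SPURIOUS: hasTaintFlow=t6.2 hasTaintFlow=t6.3
+sink(arguments[1]);// $ hasValueFlow=t6.2 SPURIOUS: hasTaintFlow=t6.1 hasTaintFlow=t6.3
+sink(arguments[2]);// $ hasValueFlow=t6.3 SPURIOUS: hasTaintFlow=t6.1 hasTaintFlow=t6.2
 }
 target(source('t6.1'), source('t6.2'), source('t6.3'));
 }
 
 function t7() {
 function finalTarget(x, y, z) {
-sink(x); // $ hasValueFlow=t7.1
-sink(y); // $ hasValueFlow=t7.2
-sink(z); // $ hasValueFlow=t7.3
+sink(x); // $ hasValueFlow=t7.1 SPURIOUS: hasTaintFlow=t7.2 hasTaintFlow=t7.3
+sink(y); // $ hasValueFlow=t7.2 SPURIOUS: hasTaintFlow=t7.1 hasTaintFlow=t7.3
+sink(z); // $ hasValueFlow=t7.3 SPURIOUS: hasTaintFlow=t7.1 hasTaintFlow=t7.2
 }
 function target() {
 finalTarget(...arguments);
@@ -79,9 +79,9 @@ function t7() {
 
 function t8() {
 function finalTarget(x, y, z) {
-sink(x); // $ hasValueFlow=t8.1 SPURIOUS: hasValueFlow=t8.3 hasValueFlow=t8.4
-sink(y); // $ hasValueFlow=t8.2 SPURIOUS: hasValueFlow=t8.3 hasValueFlow=t8.4
-sink(z); // $ hasValueFlow=t8.3 SPURIOUS: hasValueFlow=t8.3 hasValueFlow=t8.4
+sink(x); // $ hasValueFlow=t8.1 SPURIOUS: hasTaintFlow=t8.2 hasValueFlow=t8.3 hasValueFlow=t8.4
+sink(y); // $ hasValueFlow=t8.2 SPURIOUS: hasTaintFlow=t8.1 hasValueFlow=t8.3 hasValueFlow=t8.4
+sink(z); // $ hasValueFlow=t8.3 SPURIOUS: hasTaintFlow=t8.1 hasTaintFlow=t8.2 hasValueFlow=t8.3 hasValueFlow=t8.4
 }
 function target(array1, array2) {
 finalTarget(...array1, ...array2);
@@ -91,9 +91,9 @@ function t8() {
 
 function t9() {
 function finalTarget(x, y, z) {
-sink(x); // $ hasValueFlow=t9.1
-sink(y); // $ hasValueFlow=t9.2
-sink(z); // $ hasValueFlow=t9.3
+sink(x); // $ hasValueFlow=t9.1 SPURIOUS: hasTaintFlow=t9.2 hasTaintFlow=t9.3
+sink(y); // $ hasValueFlow=t9.2 SPURIOUS: hasTaintFlow=t9.1 hasTaintFlow=t9.3
+sink(z); // $ hasValueFlow=t9.3 SPURIOUS: hasTaintFlow=t9.1 hasTaintFlow=t9.2
 }
 function target() {
 finalTarget.apply(undefined, arguments);
@@ -103,9 +103,9 @@ function t9() {
 
 function t10() {
 function finalTarget(x, y, z) {
-sink(x); // $ hasValueFlow=t10.1
-sink(y); // $ hasValueFlow=t10.2
-sink(z); // $ hasValueFlow=t10.3
+sink(x); // $ hasValueFlow=t10.1 SPURIOUS: hasTaintFlow=t10.2 hasTaintFlow=t10.3
+sink(y); // $ hasValueFlow=t10.2 SPURIOUS: hasTaintFlow=t10.1 hasTaintFlow=t10.3
+sink(z); // $ hasValueFlow=t10.3 SPURIOUS: hasTaintFlow=t10.1 hasTaintFlow=t10.2
 }
 function target(...rest) {
 finalTarget.apply(undefined, rest);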
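Review bot: The 28 new `SPURIOUS: hasTaintFlow=…` tags on the `sink(...)` lines in t1 and t3–t10 accept, as the baseline, taint from one rest/spread/`arguments` element reaching every sibling position, and nothing in the file says where the imprecision comes from or whether it is tracked. For security queries built on this library that surfaces as extra false-positive alerts, so a short header comment would help, e.g. `// hasTaintFlow between sibling elements is a known imprecision; see <tracking issue>`, with the cause filled in once confirmed. Separately, the t8 `sink(z)` line still lists `hasValueFlow=t8.3` both before and after `SPURIOUS:`, carried over from the old line; the second occurrence looks redundant. Most of the enclosing functions continue outside the hunks, so the call sites that supply the sources are only partly visible here.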

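--- a/javascript/ql/test/query-tests/Security/CWE-078/IndirectCommandInjection/IndirectCommandInjection.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-078/IndirectCommandInjection/IndirectCommandInjection.expected
@@ -17,6 +17,7 @@ edges
 | command-line-parameter-command-injection.js:11:14:11:17 | args | command-line-parameter-command-injection.js:11:14:11:20 | args[0] | provenance | |
 | command-line-parameter-command-injection.js:11:14:11:17 | args [ArrayElement] | command-line-parameter-command-injection.js:11:14:11:20 | args[0] | provenance | |
 | command-line-parameter-command-injection.js:12:26:12:29 | args | command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | provenance | |
+| command-line-parameter-command-injection.js:12:26:12:29 | args [ArrayElement] | command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | provenance | |
 | command-line-parameter-command-injection.js:12:26:12:29 | args [ArrayElement] | command-line-parameter-command-injection.js:12:26:12:32 | args[0] | provenance | |
 | command-line-parameter-command-injection.js:12:26:12:32 | args[0] | command-line-parameter-command-injection.js:12:14:12:32 | "cmd.sh " + args[0] | provenance | |
 | command-line-parameter-command-injection.js:14:6:14:30 | fewerArgs | command-line-parameter-command-injection.js:15:14:15:22 | fewerArgs | provenance | |
@@ -34,11 +35,13 @@ edges
 | command-line-parameter-command-injection.js:15:14:15:22 | fewerArgs | command-line-parameter-command-injection.js:15:14:15:25 | fewerArgs[0] | provenance | |
 | command-line-parameter-command-injection.js:15:14:15:22 | fewerArgs [ArrayElement] | command-line-parameter-command-injection.js:15:14:15:25 | fewerArgs[0] | provenance | |
 | command-line-parameter-command-injection.js:16:26:16:34 | fewerArgs | command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | provenance | |
+| command-line-parameter-command-injection.js:16:26:16:34 | fewerArgs [ArrayElement] | command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | provenance | |
 | command-line-parameter-command-injection.js:16:26:16:34 | fewerArgs [ArrayElement] | command-line-parameter-command-injection.js:16:26:16:37 | fewerArgs[0] | provenance | |
 | command-line-parameter-command-injection.js:16:26:16:37 | fewerArgs[0] | command-line-parameter-command-injection.js:16:14:16:37 | "cmd.sh ... Args[0] | provenance | |
 | command-line-parameter-command-injection.js:18:6:18:24 | arg0 | command-line-parameter-command-injection.js:19:14:19:17 | arg0 | provenance | |
 | command-line-parameter-command-injection.js:18:6:18:24 | arg0 | command-line-parameter-command-injection.js:20:26:20:29 | arg0 | provenance | |
 | command-line-parameter-command-injection.js:18:13:18:21 | fewerArgs | command-line-parameter-command-injection.js:18:6:18:24 | arg0 | provenance | |
+| command-line-parameter-command-injection.js:18:13:18:21 | fewerArgs [ArrayElement] | command-line-parameter-command-injection.js:18:6:18:24 | arg0 | provenance | |
 | command-line-parameter-command-injection.js:18:13:18:21 | fewerArgs [ArrayElement] | command-line-parameter-command-injection.js:18:13:18:24 | fewerArgs[0] | provenance | |
 | command-line-parameter-command-injection.js:18:13:18:24 | fewerArgs[0] | command-line-parameter-command-injection.js:18:6:18:24 | arg0 | provenance | |
 | command-line-parameter-command-injection.js:20:26:20:29 | arg0 | command-line-parameter-command-injection.js:20:14:20:29 | "cmd.sh " + arg0 | provenance | |
@@ -51,6 +54,7 @@ edges
 | command-line-parameter-command-injection.js:24:15:24:35 | process ... lice(2) | command-line-parameter-command-injection.js:24:8:24:35 | args | provenance | |
 | command-line-parameter-command-injection.js:24:15:24:35 | process ... lice(2) [ArrayElement] | command-line-parameter-command-injection.js:24:8:24:35 | args [ArrayElement] | provenance | |
 | command-line-parameter-command-injection.js:26:32:26:35 | args | command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | provenance | |
+| command-line-parameter-command-injection.js:26:32:26:35 | args [ArrayElement] | command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | provenance | |
 | command-line-parameter-command-injection.js:26:32:26:35 | args [ArrayElement] | command-line-parameter-command-injection.js:26:32:26:38 | args[0] | provenance | |
 | command-line-parameter-command-injection.js:26:32:26:38 | args[0] | command-line-parameter-command-injection.js:26:14:26:50 | `node $ ... ption"` | provenance | |
 | command-line-parameter-command-injection.js:27:32:27:35 | args | command-line-parameter-command-injection.js:27:32:27:45 | args.join(' ') | provenance | |
@@ -94,16 +98,24 @@ edges
 | command-line-parameter-command-injection.js:71:20:71:40 | require ... ').argv | command-line-parameter-command-injection.js:71:6:71:16 | [...taint4] | provenance | |
 | command-line-parameter-command-injection.js:72:22:72:27 | taint4 | command-line-parameter-command-injection.js:72:10:72:27 | "cmd.sh " + taint4 | provenance | |
 | command-line-parameter-command-injection.js:76:8:76:35 | argv | command-line-parameter-command-injection.js:79:31:79:34 | argv | provenance | |
+| command-line-parameter-command-injection.js:76:8:76:35 | argv [ArrayElement] | command-line-parameter-command-injection.js:79:31:79:34 | argv [ArrayElement] | provenance | |
 | command-line-parameter-command-injection.js:76:15:76:26 | process.argv | command-line-parameter-command-injection.js:76:15:76:35 | process ... lice(2) | provenance | |
+| command-line-parameter-command-injection.js:76:15:76:26 | process.argv | command-line-parameter-command-injection.js:76:15:76:35 | process ... lice(2) [ArrayElement] | provenance | |
 | command-line-parameter-command-injection.js:76:15:76:35 | process ... lice(2) | command-line-parameter-command-injection.js:76:8:76:35 | argv | provenance | |
+| command-line-parameter-command-injection.js:76:15:76:35 | process ... lice(2) [ArrayElement] | command-line-parameter-command-injection.js:76:8:76:35 | argv [ArrayElement] | provenance | |
 | command-line-parameter-command-injection.js:79:22:79:35 | minimist(argv) | command-line-parameter-command-injection.js:79:10:79:39 | "cmd.sh ... gv).foo | provenance | |
 | command-line-parameter-command-injection.js:79:31:79:34 | argv | command-line-parameter-command-injection.js:79:22:79:35 | minimist(argv) | provenance | |
+| command-line-parameter-command-injection.js:79:31:79:34 | argv [ArrayElement] | command-line-parameter-command-injection.js:79:22:79:35 | minimist(argv) | provenance | |
 | command-line-parameter-command-injection.js:82:22:82:50 | subarg( ... ice(2)) | command-line-parameter-command-injection.js:82:10:82:54 | "cmd.sh ... 2)).foo | provenance | |
 | command-line-parameter-command-injection.js:82:29:82:40 | process.argv | command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) | provenance | |
+| command-line-parameter-command-injection.js:82:29:82:40 | process.argv | command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) [ArrayElement] | provenance | |
 | command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) | command-line-parameter-command-injection.js:82:22:82:50 | subarg( ... ice(2)) | provenance | |
+| command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) [ArrayElement] | command-line-parameter-command-injection.js:82:22:82:50 | subarg( ... ice(2)) | provenance | |
 | command-line-parameter-command-injection.js:85:22:85:55 | yargsPa ... ice(2)) | command-line-parameter-command-injection.js:85:10:85:59 | "cmd.sh ... 2)).foo | provenance | |
 | command-line-parameter-command-injection.js:85:34:85:45 | process.argv | command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) | provenance | |
+| command-line-parameter-command-injection.js:85:34:85:45 | process.argv | command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) [ArrayElement] | provenance | |
 | command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) | command-line-parameter-command-injection.js:85:22:85:55 | yargsPa ... ice(2)) | provenance | |
+| command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) [ArrayElement] | command-line-parameter-command-injection.js:85:22:85:55 | yargsPa ... ice(2)) | provenance | |
 | command-line-parameter-command-injection.js:88:6:88:37 | flags | command-line-parameter-command-injection.js:89:22:89:26 | flags | provenance | |
 | command-line-parameter-command-injection.js:88:14:88:37 | args.pa ... s.argv) | command-line-parameter-command-injection.js:88:6:88:37 | flags | provenance | |
 | command-line-parameter-command-injection.js:88:25:88:36 | process.argv | command-line-parameter-command-injection.js:88:14:88:37 | args.pa ... s.argv) | provenance | |
@@ -237,19 +249,24 @@ nodes
 | command-line-parameter-command-injection.js:72:10:72:27 | "cmd.sh " + taint4 | semmle.label | "cmd.sh " + taint4 |
 | command-line-parameter-command-injection.js:72:22:72:27 | taint4 | semmle.label | taint4 |
 | command-line-parameter-command-injection.js:76:8:76:35 | argv | semmle.label | argv |
+| command-line-parameter-command-injection.js:76:8:76:35 | argv [ArrayElement] | semmle.label | argv [ArrayElement] |
 | command-line-parameter-command-injection.js:76:15:76:26 | process.argv | semmle.label | process.argv |
 | command-line-parameter-command-injection.js:76:15:76:35 | process ... lice(2) | semmle.label | process ... lice(2) |
+| command-line-parameter-command-injection.js:76:15:76:35 | process ... lice(2) [ArrayElement] | semmle.label | process ... lice(2) [ArrayElement] |
 | command-line-parameter-command-injection.js:79:10:79:39 | "cmd.sh ... gv).foo | semmle.label | "cmd.sh ... gv).foo |
 | command-line-parameter-command-injection.js:79:22:79:35 | minimist(argv) | semmle.label | minimist(argv) |
 | command-line-parameter-command-injection.js:79:31:79:34 | argv | semmle.label | argv |
+| command-line-parameter-command-injection.js:79:31:79:34 | argv [ArrayElement] | semmle.label | argv [ArrayElement] |
 | command-line-parameter-command-injection.js:82:10:82:54 | "cmd.sh ... 2)).foo | semmle.label | "cmd.sh ... 2)).foo |
 | command-line-parameter-command-injection.js:82:22:82:50 | subarg( ... ice(2)) | semmle.label | subarg( ... ice(2)) |
 | command-line-parameter-command-injection.js:82:29:82:40 | process.argv | semmle.label | process.argv |
 | command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) | semmle.label | process ... lice(2) |
+| command-line-parameter-command-injection.js:82:29:82:49 | process ... lice(2) [ArrayElement] | semmle.label | process ... lice(2) [ArrayElement] |
 | command-line-parameter-command-injection.js:85:10:85:59 | "cmd.sh ... 2)).foo | semmle.label | "cmd.sh ... 2)).foo |
 | command-line-parameter-command-injection.js:85:22:85:55 | yargsPa ... ice(2)) | semmle.label | yargsPa ... ice(2)) |
 | command-line-parameter-command-injection.js:85:34:85:45 | process.argv | semmle.label | process.argv |
 | command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) | semmle.label | process ... lice(2) |
+| command-line-parameter-command-injection.js:85:34:85:54 | process ... lice(2) [ArrayElement] | semmle.label | process ... lice(2) [ArrayElement] |
 | command-line-parameter-command-injection.js:88:6:88:37 | flags | semmle.label | flags |
 | command-line-parameter-command-injection.js:88:14:88:37 | args.pa ... s.argv) | semmle.label | args.pa ... s.argv) |
 | command-line-parameter-command-injection.js:88:25:88:36 | process.argv | semmle.label | process.argv |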
