From 5cc94e11050ab448acbbce5c7dddf9e28ceeb378 Mon Sep 17 00:00:00 2001
From: Arthur Baars
Date: Tue, 31 Oct 2023 12:43:30 +0100
Subject: [PATCH] Express.js: add req.path as remote input source
---
 javascript/ql/lib/semmle/javascript/frameworks/Express.qll | 4 ++++
 .../ql/test/library-tests/frameworks/Express/tests.expected | 1 +
 2 files changed, 5 insertions(+)
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Express.qll b/javascript/ql/lib/semmle/javascript/frameworks/Express.qll
index c39d19d4375..91430481d81 100644
--- a/javascript/ql/lib/semmle/javascript/frameworks/Express.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/Express.qll
@@ -618,6 +618,10 @@ module Express {
 or
 kind = "body" and
 this = ref.getAPropertyRead("body")
+ or
+ // `req.path`
+ kind = "url" and
+ this = ref.getAPropertyRead("path")
 )
 }
diff --git a/javascript/ql/test/library-tests/frameworks/Express/tests.expected b/javascript/ql/test/library-tests/frameworks/Express/tests.expected
index cc52c73a572..ec4253740f7 100644
--- a/javascript/ql/test/library-tests/frameworks/Express/tests.expected
+++ b/javascript/ql/test/library-tests/frameworks/Express/tests.expected
@@ -1109,6 +1109,7 @@ test_RequestInputAccess
 | src/express.js:55:12:55:25 | req.params.foo | parameter | src/express.js:53:23:57:1 | functio ... res);\\n} |
 | src/express.js:61:12:61:25 | req.params.foo | parameter | src/express.js:59:23:63:1 | functio ... res);\\n} |
 | src/express.js:67:12:67:25 | req.params.foo | parameter | src/express.js:65:27:69:1 | functio ... res);\\n} |
+| src/express.js:73:12:73:19 | req.path | url | src/express.js:71:23:75:1 | functio ... res);\\n} |
 | src/inheritedFromNode.js:7:2:7:8 | req.url | url | src/inheritedFromNode.js:4:15:8:1 | functio ... .url;\\n} |
 | src/params.js:4:35:4:39 | value | parameter | src/params.js:4:18:12:1 | (req, r ... }\\n} |
 | src/params.js:5:17:5:28 | req.query.xx | parameter | src/params.js:4:18:12:1 | (req, r ... }\\n} |
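Review bot: The new disjunct in Express.qll is documented only by the bare comment `// \`req.path\``, which does not say why the read is classified as kind `"url"` rather than `"parameter"` like the sibling `req.params`/`req.query` cases visible in tests.expected; since the kind string is what downstream queries use to decide how this source is treated, the rationale belongs next to it, e.g. `// \`req.path\`: the path portion of the request URL, attacker-controlled in the same way as \`req.url\` (kind "url")`. The enclosing predicate starts before the hunk and its header is not visible, so I cannot tell whether the related URL-derived request properties `originalUrl` and `baseUrl` are already modelled elsewhere in it; if they are not, they carry the same user-controlled path data and would fit the same `kind = "url"` disjunct. The tests.expected change only records the new result and needs no further review.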