Merge pull request #4 from Napalys/js/class-harness-extra-test

asgerf · web-flow · commit d6aec87124f4 · 2025-04-28T12:37:07.000+02:00
JS: Added test case for `class harness`
diff --git a/javascript/ql/test/library-tests/TripleDot/class.js b/javascript/ql/test/library-tests/TripleDot/class.js
@@ -0,0 +1,87 @@
+import 'dummy';
+
+class Foo {
+    constructor() {
+        this.size = 1024 * 1024 * 4;
+        this.buffer = null;
+    }
+
+    someSink() {
+        sink(this.buffer); // $ MISSING: hasTaintFlow=h1.1
+    }
+
+    setData2(data) {
+        this.buffer = Buffer.from(data);
+    }
+
+    setData() {
+        this.setData2(source("h1.1"));
+    }
+
+    allocate_buffers () {
+        this.buffer = new Buffer(this.size);
+    }
+}
+
+// Tests pass without allocate_buffers function present in the class
+class Baz {
+    constructor() {
+        this.size = 1024 * 1024 * 4;
+        this.buffer = null;
+    }
+
+    someSink() {
+        sink(this.buffer); // $ hasTaintFlow=h1.2
+    }
+
+    setData2(data) {
+        this.buffer = Buffer.from(data);
+    }
+
+    setData() {
+        this.setData2(source("h1.2"));
+    }
+}
+
+// Tests pass with single setData instead of setData -> setData2
+class Baz {
+    constructor() {
+        this.size = 1024 * 1024 * 4;
+        this.buffer = null;
+    }
+
+    someSink() {
+        sink(this.buffer); // $ hasTaintFlow=h1.3
+    }
+
+    setData() {
+        this.buffer = Buffer.from(source("h1.3"));
+    }
+
+    allocate_buffers () {
+        this.buffer = new Buffer(this.size);
+    }
+}
+
+// Tests pass taking hardcoded value instead of class member
+class Foz {
+    constructor() {
+        this.buffer = null;
+    }
+
+    someSink() {
+        sink(this.buffer); // $ hasTaintFlow=h1.1
+    }
+
+    setData2(data) {
+        this.buffer = Buffer.from(data);
+    }
+
+    setData() {
+        this.setData2(source("h1.1"));
+    }
+
+    allocate_buffers () {
+        this.buffer = new Buffer(1024 * 1024 * 4);
+    }
+}
