JS: add Mongoose Document tests

esbena · esbena · commit 55ab519fbe05 · 2020-03-16T22:11:22.000+01:00
diff --git a/javascript/ql/test/query-tests/Security/CWE-089/untyped/DatabaseAccesses.expected b/javascript/ql/test/query-tests/Security/CWE-089/untyped/DatabaseAccesses.expected
@@ -14,6 +14,19 @@
 | mongoose.js:65:2:65:51 | Documen ... on(){}) |
 | mongoose.js:67:2:68:27 | new Mon ... on(){}) |
 | mongoose.js:71:2:77:9 | Documen ... .exec() |
+| mongoose.js:84:2:84:52 | Documen ... query)) |
+| mongoose.js:85:2:85:52 | Documen ... query)) |
+| mongoose.js:86:2:86:57 | Documen ... query)) |
+| mongoose.js:87:2:87:57 | Documen ... query)) |
+| mongoose.js:88:2:88:52 | Documen ... query)) |
+| mongoose.js:89:2:89:55 | Documen ... query)) |
+| mongoose.js:91:2:91:52 | Documen ... query)) |
+| mongoose.js:92:2:92:49 | Documen ... query)) |
+| mongoose.js:93:2:93:57 | Documen ... query)) |
+| mongoose.js:94:2:94:54 | Documen ... query)) |
+| mongoose.js:95:2:95:52 | Documen ... query)) |
+| mongoose.js:96:2:96:52 | Documen ... query)) |
+| mongoose.js:98:2:98:50 | Documen ... query)) |
 | socketio.js:11:5:11:54 | db.run( ... ndle}`) |
 | tst2.js:7:3:7:62 | sql.que ... ms.id}` |
 | tst2.js:9:3:9:85 | new sql ...  + "'") |
diff --git a/javascript/ql/test/query-tests/Security/CWE-089/untyped/mongoose.js b/javascript/ql/test/query-tests/Security/CWE-089/untyped/mongoose.js
@@ -80,4 +80,20 @@ app.post('/documents/find', (req, res) => {
 	Mongoose.createConnection(X).count(query); // OK (invalid program)
 	Mongoose.createConnection(X).model(Y).count(query); // NOT OK
 	Mongoose.createConnection(X).models[Y].count(query); // NOT OK
+
+	Document.findOne(X, (err, res) => res.count(query)); // NOT OK
+	Document.findOne(X, (err, res) => err.count(query)); // OK
+	Document.findOne(X).exec((err, res) => res.count(query)); // NOT OK
+	Document.findOne(X).exec((err, res) => err.count(query)); // OK
+	Document.findOne(X).then((res) => res.count(query)); // NOT OK
+	Document.findOne(X).then(Y, (err) => err.count(query)); // OK
+
+	Document.find(X, (err, res) => res[i].count(query)); // NOT OK
+	Document.find(X, (err, res) => err.count(query)); // OK
+	Document.find(X).exec((err, res) => res[i].count(query)); // NOT OK
+	Document.find(X).exec((err, res) => err.count(query)); // OK
+	Document.find(X).then((res) => res[i].count(query)); // NOT OK
+	Document.find(X).then(Y, (err) => err.count(query)); // OK
+
+	Document.count(X, (err, res) => res.count(query)); // OK (res is a number)
 });
