OrenGitHub / dhscanner

free as in speech container scanner
https://orengithub.github.io/

vulnerable call gets a wrong fqn #12

Closed OrenGitHub closed 5 months ago

OrenGitHub commented 5 months ago
        {
            "callLocation": {
                "colEnd": 27,
                "colStart": 3,
                "filename": "workdir/73412fec1a87a2a7fd9caff0c5bfd92dc3e83052b9ec95965646643062295ea6/usr/app/main.js",
                "lineEnd": 32,
                "lineStart": 32
            },
            "calleeFqn": {
                "content": "int.run" <--- this should be "npm.vm2.VM.run"
            }
        },
OrenGitHub commented 5 months ago

delegated to codegen here

OrenGitHub commented 5 months ago
        {
            "callLocation": {
                "colEnd": 27,
                "colStart": 3,
                "filename": "workdir/73412fec1a87a2a7fd9caff0c5bfd92dc3e83052b9ec95965646643062295ea6/usr/app/main.js",
                "lineEnd": 32,
                "lineStart": 32
            },
            "calleeFqn": {
                "content": "npm.vm2.VM.run"
            }
        },