mozilla / scanjs

[DEPRECATED] Static analysis tool for javascript code.

[testing][false negative] - mozApps.mgmt rule #89

Closed pwnetrationguru closed 10 years ago

pwnetrationguru commented 10 years ago

mozApps.mgmt rule misses the following dangerous cases:

     // Bare reference to the privileged mgmt object (no call expression)
     var stuffs = navigator.mozApps.mgmt;
     // Chained call through the same object
     var stuffs = navigator.mozApps.mgmt.getAll();
pauljt commented 10 years ago

We need to add support for rules of the form: foo.bar

There is actually no template for this currently.

On 20 Mar 2014, at 5:00 am, Rob Fletcher notifications@github.com wrote:

> mozApps.mgmt rule misses the following dangerous cases:
>
>     var stuffs = navigator.mozApps.mgmt;
>     var stuffs = navigator.mozApps.mgmt.getAll()

pauljt commented 10 years ago

foo.bar rules are now supported in the new scanner, e.g.:

    {
      "name": "foo.bar",
      "type": "objmember",
      "parameters": "{'object_name':'foo','property_name':'bar'}",
      "testhit": "foo.bar",
      "testmiss": "foo.baz;baz.bar;",
      "desc": "A member expression with object of 'foo' and member named 'bar'",
      "threat": "example",
      "subthreat": "example"
    },
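To show why an `objmember` rule closes the false negative above, here is an added illustration (not scanjs code) of a matcher that walks every adjacent object/property pair in a member chain, so both `navigator.mozApps.mgmt` and `navigator.mozApps.mgmt.getAll()` are reported. The rule object, `scan`, `selfTest` and the sample source are all assumed names constructed for this example; it uses a regex over identifier chains instead of scanjs's AST walk and ignores strings, comments and computed access.

```javascript
// Assumed rule, modelled on the objmember rule quoted in the comment above,
// with parameters as a plain object rather than a string.
const mozAppsMgmtRule = {
  name: "mozApps.mgmt",
  type: "objmember",
  parameters: { object_name: "mozApps", property_name: "mgmt" },
  testhit: "navigator.mozApps.mgmt",
  testmiss: "navigator.mozApps.install;mgmt.mozApps;",
};

// Minimal lexer: runs of identifiers joined by dots (whitespace around dots allowed).
const CHAIN_RE = /[A-Za-z_$][\w$]*(?:\s*\.\s*[A-Za-z_$][\w$]*)+/g;

function memberChains(source) {
  return (source.match(CHAIN_RE) || []).map((chain) =>
    chain.split(".").map((part) => part.trim())
  );
}

// A rule hits when any adjacent (object, property) pair in a chain equals
// (object_name, property_name); checking every pair is what catches the
// bare reference and the chained call alike.
function scan(source, rules) {
  const hits = [];
  for (const parts of memberChains(source)) {
    for (let i = 0; i + 1 < parts.length; i++) {
      for (const rule of rules) {
        const p = rule.parameters;
        if (parts[i] === p.object_name && parts[i + 1] === p.property_name) {
          hits.push({ rule: rule.name, expr: parts.join(".") });
        }
      }
    }
  }
  return hits;
}

// Mirrors the testhit/testmiss fields: the rule must fire on testhit and on
// none of the ';'-separated testmiss snippets.
function selfTest(rule) {
  const hit = scan(rule.testhit, [rule]).length > 0;
  const misses = rule.testmiss.split(";").filter((s) => s.trim());
  return hit && misses.every((s) => scan(s, [rule]).length === 0);
}

// Constructed input: the two cases from the issue plus a non-matching line.
const sample = [
  "var stuffs = navigator.mozApps.mgmt;",
  "var stuffs = navigator.mozApps.mgmt.getAll();",
  "var other = navigator.mozApps.install(url);",
].join("\n");

console.log(scan(sample, [mozAppsMgmtRule]), selfTest(mozAppsMgmtRule));
```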