
added vulnerable code as a test #17

Open
alaintd wants to merge 2 commits into develop from feature/add-vulnerable-code


alaintd commented Oct 26, 2023

Collaborator

No description provided.

Comment thread my-vulnerable-code.js
function endsWith(x, y) {

let index = x.lastIndexOf(y);
return x.lastIndexOf(y) === x.length - y.length;
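
Review bot: the return statement in endsWith compares x.lastIndexOf(y) with x.length - y.length without first ruling out -1, so when y does not occur in x and is exactly one character longer than x (for example x = "a", y = "bc") both sides are -1 and the function reports a match. The local `index` assigned on the line above is never read; reuse it and guard the miss, e.g. `return index !== -1 && index === x.length - y.length;`, or call the built-in `x.endsWith(y)`. If the flaw is intentional, as the PR title suggests, say so in a comment at the top of my-vulnerable-code.js, since the PR has no description.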

Check failure

Code scanning / CodeQL

Incorrect suffix check

This suffix check is missing a length comparison to correctly handle lastIndexOf returning -1.