mirror of
https://github.com/github/codeql.git
synced 2026-05-01 03:35:13 +02:00
Merge pull request #750 from aschackmull/javascript/autoformat
Approved by xiemaisi
This commit is contained in:
semmle-qlci
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from AMDModule m
|
||||
select m, m.getDefine()
|
||||
select m, m.getDefine()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from AMDModuleDefinition d
|
||||
select d, d.getFactoryNode()
|
||||
select d, d.getFactoryNode()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from AMDModuleDefinition d
|
||||
select d, d.getADependency()
|
||||
select d, d.getADependency()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from AMDModule m
|
||||
select m, m.getAnExportedSymbol()
|
||||
select m, m.getAnExportedSymbol()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from AMDModule m
|
||||
select m, m.getAnImportedModule()
|
||||
select m, m.getAnImportedModule()
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from Module m, string name, ASTNode export
|
||||
where m.exports(name, export)
|
||||
select m, name, export
|
||||
select m, name, export
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from StmtContainer sc
|
||||
select sc
|
||||
select sc
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from StmtContainer sc
|
||||
select sc, sc.getEnclosingContainer()
|
||||
select sc, sc.getEnclosingContainer()
|
||||
|
||||
@@ -1,16 +1,14 @@
|
||||
import javascript
|
||||
|
||||
class Configuration extends DataFlow::Configuration {
|
||||
Configuration() {
|
||||
this = "SimpleBarrierGuard"
|
||||
}
|
||||
Configuration() { this = "SimpleBarrierGuard" }
|
||||
|
||||
override predicate isSource(DataFlow::Node source) {
|
||||
source.(DataFlow::InvokeNode).getCalleeName() = "SOURCE"
|
||||
}
|
||||
|
||||
override predicate isSink(DataFlow::Node sink) {
|
||||
exists (DataFlow::InvokeNode call |
|
||||
exists(DataFlow::InvokeNode call |
|
||||
call.getCalleeName() = "SINK" and
|
||||
sink = call.getArgument(0)
|
||||
)
|
||||
@@ -19,14 +17,10 @@ class Configuration extends DataFlow::Configuration {
|
||||
override predicate isBarrierGuard(DataFlow::BarrierGuardNode guard) {
|
||||
guard instanceof SimpleBarrierGuardNode
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
class SimpleBarrierGuardNode extends DataFlow::BarrierGuardNode, DataFlow::InvokeNode {
|
||||
|
||||
SimpleBarrierGuardNode() {
|
||||
getCalleeName() = "BARRIER"
|
||||
}
|
||||
SimpleBarrierGuardNode() { getCalleeName() = "BARRIER" }
|
||||
|
||||
override predicate blocks(boolean outcome, Expr e) {
|
||||
outcome = true and
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
import javascript
|
||||
|
||||
select any(BasicBlock bb)
|
||||
select any(BasicBlock bb)
|
||||
|
||||
@@ -2,4 +2,4 @@ import semmle.javascript.frameworks.Bundling
|
||||
|
||||
from ObjectExpr oe
|
||||
where isBrowserifyBundle(oe)
|
||||
select oe.getTopLevel()
|
||||
select oe.getTopLevel()
|
||||
|
||||
@@ -2,4 +2,4 @@ import semmle.javascript.frameworks.Bundling
|
||||
|
||||
from ArrayExpr ae
|
||||
where isWebpackBundle(ae)
|
||||
select ae.getTopLevel()
|
||||
select ae.getTopLevel()
|
||||
|
||||
@@ -2,8 +2,5 @@ import javascript
|
||||
|
||||
from ControlFlowNode nd, ControlFlowNode succ
|
||||
where succ = nd.getASuccessor()
|
||||
select nd.getLocation().getFile().getStem(),
|
||||
nd.getLocation().getStartLine(),
|
||||
nd.describeControlFlowNode(),
|
||||
succ.getLocation().getStartLine(),
|
||||
succ.describeControlFlowNode()
|
||||
select nd.getLocation().getFile().getStem(), nd.getLocation().getStartLine(),
|
||||
nd.describeControlFlowNode(), succ.getLocation().getStartLine(), succ.describeControlFlowNode()
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
import javascript
|
||||
|
||||
from ClassDefinition class_, FieldDefinition field
|
||||
where class_.getAField() = field
|
||||
and field.isStatic()
|
||||
and field.getInit().getFirstControlFlowNode().getAPredecessor*() = class_.(ControlFlowNode)
|
||||
where
|
||||
class_.getAField() = field and
|
||||
field.isStatic() and
|
||||
field.getInit().getFirstControlFlowNode().getAPredecessor*() = class_.(ControlFlowNode)
|
||||
select field, "Field initializer occurs after its class is created"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from DataFlow::InvokeNode c
|
||||
select c, c.getACallee()
|
||||
select c, c.getACallee()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from AccessorMethodDefinition amd
|
||||
select amd
|
||||
select amd
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ClassDefinition cd
|
||||
select cd, cd.getName()
|
||||
select cd, cd.getName()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ClassDefinition cd
|
||||
select cd, cd.getSuperClass()
|
||||
select cd, cd.getSuperClass()
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from MethodDefinition md
|
||||
where md.isComputed()
|
||||
select md
|
||||
select md
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ConstructorDefinition cd
|
||||
select cd
|
||||
select cd
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from FieldDefinition field
|
||||
select field, field.getInit()
|
||||
select field, field.getInit()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from FieldDefinition field
|
||||
select field, field.getNameExpr()
|
||||
select field, field.getNameExpr()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from MethodDefinition md
|
||||
select md, md.getNameExpr(), md.getBody(), md.getDeclaringClass()
|
||||
select md, md.getNameExpr(), md.getBody(), md.getDeclaringClass()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from MethodDefinition md
|
||||
select md, md.getName()
|
||||
select md, md.getName()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from NewTargetExpr e
|
||||
select e
|
||||
select e
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from MethodDefinition md
|
||||
where md.isStatic()
|
||||
select md
|
||||
select md
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from SuperExpr s
|
||||
select s
|
||||
select s
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from ConstructorDefinition cd
|
||||
where cd.isSynthetic()
|
||||
select cd
|
||||
select cd
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ClassDefinition c
|
||||
select c, c.getAMember()
|
||||
select c, c.getAMember()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import semmle.javascript.Closure
|
||||
|
||||
from ClosureModule cm
|
||||
select cm
|
||||
select cm
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import semmle.javascript.Closure
|
||||
|
||||
from ClosureModule cm
|
||||
select cm, cm.getAProvidedNamespace()
|
||||
select cm, cm.getAProvidedNamespace()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import semmle.javascript.Closure
|
||||
|
||||
from ClosureModule cm
|
||||
select cm, cm.getARequiredNamespace()
|
||||
select cm, cm.getARequiredNamespace()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import semmle.javascript.Closure
|
||||
|
||||
from GoogFunctionCall gfc
|
||||
select gfc, gfc.getFunctionName()
|
||||
select gfc, gfc.getFunctionName()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import semmle.javascript.Closure
|
||||
|
||||
from GoogProvide gp
|
||||
select gp, gp.getNamespaceId()
|
||||
select gp, gp.getNamespaceId()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import semmle.javascript.Closure
|
||||
|
||||
from GoogRequire gr
|
||||
select gr, gr.getNamespaceId()
|
||||
select gr, gr.getNamespaceId()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Comment c
|
||||
select c, c.getText()
|
||||
select c, c.getText()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Comment c
|
||||
select c, c.getNextToken()
|
||||
select c, c.getNextToken()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ComprehensionBlock cb
|
||||
select cb, cb.getIterator(), cb.getDomain()
|
||||
select cb, cb.getIterator(), cb.getDomain()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ComprehensionExpr ce
|
||||
select ce, ce.getNumBlock(), ce.getNumFilter(), ce.getBody()
|
||||
select ce, ce.getNumBlock(), ce.getNumFilter(), ce.getBody()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from VarAccess va
|
||||
select va, va.getVariable().getADeclaration()
|
||||
select va, va.getVariable().getADeclaration()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ComprehensionExpr ce, int i
|
||||
select ce, i, ce.getBlock(i)
|
||||
select ce, i, ce.getBlock(i)
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ComprehensionExpr ce, int i
|
||||
select ce, i, ce.getFilter(i)
|
||||
select ce, i, ce.getFilter(i)
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ConstantExpr c
|
||||
select c
|
||||
select c
|
||||
|
||||
@@ -5,51 +5,37 @@ import semmle.javascript.dataflow.internal.AbstractPropertiesImpl as AbstractPro
|
||||
import semmle.javascript.dataflow.CustomAbstractValueDefinitions
|
||||
|
||||
class MyCustomAbstractValueDefinition extends CustomAbstractValueDefinition {
|
||||
|
||||
DataFlow::ValueNode node;
|
||||
|
||||
MyCustomAbstractValueDefinition() {
|
||||
DataFlow::valueNode(this) = node and
|
||||
node instanceof DataFlow::ObjectLiteralNode and
|
||||
exists (DataFlow::PropWrite pwn |
|
||||
exists(DataFlow::PropWrite pwn |
|
||||
pwn.writes(node, "custom", any(BooleanLiteral l | l.getValue() = "true").flow())
|
||||
)
|
||||
}
|
||||
|
||||
override boolean getBooleanValue() {
|
||||
result = true
|
||||
}
|
||||
override boolean getBooleanValue() { result = true }
|
||||
|
||||
override predicate isCoercibleToNumber() {
|
||||
none()
|
||||
}
|
||||
override predicate isCoercibleToNumber() { none() }
|
||||
|
||||
override PrimitiveAbstractValue toPrimitive() {
|
||||
result = TAbstractOtherString()
|
||||
}
|
||||
override PrimitiveAbstractValue toPrimitive() { result = TAbstractOtherString() }
|
||||
|
||||
override InferredType getType() { result = TTObject() }
|
||||
|
||||
override predicate shouldTrackProperties() {
|
||||
exists (DataFlow::PropWrite pwn |
|
||||
exists(DataFlow::PropWrite pwn |
|
||||
pwn.writes(node, "trackProps", any(BooleanLiteral l | l.getValue() = "true").flow())
|
||||
)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
boolean flowProps(AbstractValue val) {
|
||||
if FlowSteps::shouldTrackProperties(val) then
|
||||
result = true
|
||||
else
|
||||
result = false
|
||||
if FlowSteps::shouldTrackProperties(val) then result = true else result = false
|
||||
}
|
||||
|
||||
boolean typeProps(AbstractValue val) {
|
||||
if AbstractPropertiesImpl::shouldTrackProperties(val) then
|
||||
result = true
|
||||
else
|
||||
result = false
|
||||
if AbstractPropertiesImpl::shouldTrackProperties(val) then result = true else result = false
|
||||
}
|
||||
|
||||
from MyCustomAbstractValueDefinition def, AbstractValue val
|
||||
|
||||
@@ -3,38 +3,29 @@ import semmle.javascript.dataflow.InferredTypes
|
||||
import semmle.javascript.dataflow.CustomAbstractValueDefinitions
|
||||
|
||||
class MyCustomAbstractValueDefinition extends CustomAbstractValueDefinition {
|
||||
|
||||
DataFlow::ValueNode node;
|
||||
|
||||
MyCustomAbstractValueDefinition() {
|
||||
DataFlow::valueNode(this) = node and
|
||||
node instanceof DataFlow::ObjectLiteralNode and
|
||||
exists (DataFlow::PropWrite pwn |
|
||||
exists(DataFlow::PropWrite pwn |
|
||||
pwn.writes(node, "custom", any(BooleanLiteral l | l.getValue() = "true").flow())
|
||||
)
|
||||
}
|
||||
|
||||
override boolean getBooleanValue() {
|
||||
result = true
|
||||
}
|
||||
override boolean getBooleanValue() { result = true }
|
||||
|
||||
override predicate isCoercibleToNumber() {
|
||||
none()
|
||||
}
|
||||
override predicate isCoercibleToNumber() { none() }
|
||||
|
||||
override PrimitiveAbstractValue toPrimitive() {
|
||||
result = TAbstractOtherString()
|
||||
}
|
||||
override PrimitiveAbstractValue toPrimitive() { result = TAbstractOtherString() }
|
||||
|
||||
override InferredType getType() { result = TTObject() }
|
||||
|
||||
override predicate shouldTrackProperties() {
|
||||
none()
|
||||
}
|
||||
|
||||
override predicate shouldTrackProperties() { none() }
|
||||
}
|
||||
|
||||
from AnalyzedValueNode n, MyCustomAbstractValueDefinition def, CustomAbstractValueFromDefinition val
|
||||
where def.getAbstractValue() = val and
|
||||
n.getAValue() = val
|
||||
select n, val
|
||||
where
|
||||
def.getAbstractValue() = val and
|
||||
n.getAValue() = val
|
||||
select n, val
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from DOM::ElementDefinition e
|
||||
select e, e.getName()
|
||||
select e, e.getName()
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from DataFlow::Node dfn, DataFlow::Incompleteness cause
|
||||
where dfn.isIncomplete(cause)
|
||||
select dfn, cause
|
||||
select dfn, cause
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Decoratable d, int i
|
||||
select d, i, d.getDecorator(i)
|
||||
select d, i, d.getDecorator(i)
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Decorator d
|
||||
select d, d.getExpression(), d.getElement()
|
||||
select d, d.getExpression(), d.getElement()
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from VarDef def, VarUse use
|
||||
where definitionReaches(_, def, use)
|
||||
select def, use
|
||||
select def, use
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from VarDef d
|
||||
select d, d.getSource()
|
||||
select d, d.getSource()
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
import javascript
|
||||
|
||||
from EmailSender send
|
||||
select send, send.getFrom(), send.getTo(), send.getSubject(), send.getPlainTextBody(), send.getHtmlBody()
|
||||
select send, send.getFrom(), send.getTo(), send.getSubject(), send.getPlainTextBody(),
|
||||
send.getHtmlBody()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Error e
|
||||
select e, e.getMessage()
|
||||
select e, e.getMessage()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from LegacyLetExpr l, int i
|
||||
select l, i, l.getDecl(i), l.getBody()
|
||||
select l, i, l.getDecl(i), l.getBody()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from RelationalComparison rel
|
||||
select rel, rel.getLesserOperand(), rel.getGreaterOperand()
|
||||
select rel, rel.getLesserOperand(), rel.getGreaterOperand()
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from YieldExpr yield, string s
|
||||
where if yield.isDelegating() then s = "delegating" else s = "not delegating"
|
||||
select yield, s
|
||||
select yield, s
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from Expr e, int i, Expr child
|
||||
where child = e.getChild(i)
|
||||
select e, i, child
|
||||
select e, i, child
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Expr e
|
||||
select e, e.getContainer()
|
||||
select e, e.getContainer()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Expr e
|
||||
select e, e.getEnclosingFunction()
|
||||
select e, e.getEnclosingFunction()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Expr e
|
||||
select e, e.getEnclosingStmt()
|
||||
select e, e.getEnclosingStmt()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Expr e
|
||||
select e, e.getParent()
|
||||
select e, e.getParent()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Expr e
|
||||
select e, e.getTopLevel()
|
||||
select e, e.getTopLevel()
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from Expr e
|
||||
where e.isPure()
|
||||
select e
|
||||
select e
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import javascript
|
||||
|
||||
from ParExpr e, Expr inner
|
||||
where inner = e.stripParens() and
|
||||
inner != e
|
||||
select e, inner
|
||||
where
|
||||
inner = e.stripParens() and
|
||||
inner != e
|
||||
select e, inner
|
||||
|
||||
@@ -6,21 +6,20 @@ class Assertion extends CallExpr {
|
||||
getCalleeName() = "checkShallow"
|
||||
}
|
||||
|
||||
predicate shouldBeDeep() {
|
||||
getCalleeName() = "checkDeep"
|
||||
}
|
||||
predicate shouldBeDeep() { getCalleeName() = "checkDeep" }
|
||||
|
||||
ExtendCall getExtendCall() { result = getArgument(0).flow() }
|
||||
|
||||
string getMessage() {
|
||||
if not exists(getExtendCall()) then
|
||||
result = "Not an extend call"
|
||||
else if shouldBeDeep() and not getExtendCall().isDeep() then
|
||||
result = "Not deep"
|
||||
else if not shouldBeDeep() and getExtendCall().isDeep() then
|
||||
result = "Not shallow"
|
||||
if not exists(getExtendCall())
|
||||
then result = "Not an extend call"
|
||||
else
|
||||
result = "OK"
|
||||
if shouldBeDeep() and not getExtendCall().isDeep()
|
||||
then result = "Not deep"
|
||||
else
|
||||
if not shouldBeDeep() and getExtendCall().isDeep()
|
||||
then result = "Not shallow"
|
||||
else result = "OK"
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import semmle.javascript.Externs
|
||||
|
||||
from ExternalDecl ed
|
||||
select ed
|
||||
select ed
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import semmle.javascript.Externs
|
||||
|
||||
from ExternalDecl ed
|
||||
select ed, ed.getName()
|
||||
select ed, ed.getName()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import semmle.javascript.Externs
|
||||
|
||||
from ExternalDecl ed
|
||||
select ed, ed.getQualifiedName()
|
||||
select ed, ed.getQualifiedName()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ExternalTypedef et
|
||||
select et
|
||||
select et
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import semmle.javascript.Externs
|
||||
|
||||
from ExternalVarDecl ed
|
||||
select ed, ed.getInit()
|
||||
select ed, ed.getInit()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from ExternalVarDecl v
|
||||
select v, v.getQualifiedName(), v.getTypeTag().getTypeDeclaration()
|
||||
select v, v.getQualifiedName(), v.getTypeTag().getTypeDeclaration()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from File f
|
||||
select f, f.getRelativePath()
|
||||
select f, f.getRelativePath()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
private import semmle.javascript.dataflow.Refinements
|
||||
|
||||
from Refinement ref, RefinementContext ctxt
|
||||
select ref, ctxt, ref.eval(ctxt)
|
||||
select ref, ctxt, ref.eval(ctxt)
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from VariableDeclarator vd, DataFlow::AnalyzedNode init
|
||||
where init = vd.getInit().analyze()
|
||||
select vd.getBindingPattern(), init, init.getAValue()
|
||||
select vd.getBindingPattern(), init, init.getAValue()
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from VariableDeclarator vd, DataFlow::AnalyzedNode init
|
||||
where init = vd.getInit().analyze()
|
||||
select vd.getBindingPattern(), init, init.ppTypes()
|
||||
select vd.getBindingPattern(), init, init.ppTypes()
|
||||
|
||||
@@ -8,9 +8,13 @@ class Document extends CustomAbstractValueTag {
|
||||
Document() { this = "document" }
|
||||
|
||||
override boolean getBooleanValue() { result = true }
|
||||
|
||||
override InferredType getType() { result = TTObject() }
|
||||
|
||||
override predicate isCoercibleToNumber() { none() }
|
||||
|
||||
override PrimitiveAbstractValue toPrimitive() { result.getType() = TTString() }
|
||||
|
||||
override string describe() { result = "document" }
|
||||
}
|
||||
|
||||
@@ -25,15 +29,21 @@ class DocumentAll extends CustomAbstractValueTag {
|
||||
DocumentAll() { this = "document.all" }
|
||||
|
||||
override boolean getBooleanValue() { result = false }
|
||||
|
||||
override InferredType getType() { result = TTObject() }
|
||||
|
||||
override predicate isCoercibleToNumber() { none() }
|
||||
|
||||
override PrimitiveAbstractValue toPrimitive() { result.getType() = TTString() }
|
||||
|
||||
override string describe() { result = "document.all" }
|
||||
}
|
||||
|
||||
class DocumentRef extends DataFlow::AnalyzedNode, DataFlow::ValueNode {
|
||||
override GlobalVarAccess astNode;
|
||||
|
||||
DocumentRef() { astNode.getName() = "document" }
|
||||
|
||||
override AbstractValue getALocalValue() {
|
||||
result = DataFlow::AnalyzedNode.super.getALocalValue() or
|
||||
result.(CustomAbstractValue).getTag() instanceof Document
|
||||
@@ -42,7 +52,9 @@ class DocumentRef extends DataFlow::AnalyzedNode, DataFlow::ValueNode {
|
||||
|
||||
class DocumentAllRef extends DataFlow::AnalyzedNode, DataFlow::ValueNode {
|
||||
override PropAccess astNode;
|
||||
|
||||
DocumentAllRef() { astNode.getPropertyName() = "all" }
|
||||
|
||||
override AbstractValue getAValue() {
|
||||
result = DataFlow::AnalyzedNode.super.getAValue()
|
||||
or
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Function f
|
||||
select f
|
||||
select f
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Function f
|
||||
select f, f.getAReturnStmt()
|
||||
select f, f.getAReturnStmt()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Function f
|
||||
select f, f.getAReturnedExpr()
|
||||
select f, f.getAReturnedExpr()
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from Function f
|
||||
where exists(f.getArgumentsVariable())
|
||||
select f
|
||||
select f
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Function f
|
||||
select f, f.getBody()
|
||||
select f, f.getBody()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Function f, int i
|
||||
select f, i, f.getBodyStmt(i)
|
||||
select f, i, f.getBodyStmt(i)
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Parameter p
|
||||
select p, p.getDefault()
|
||||
select p, p.getDefault()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Function f
|
||||
select f, f.getEnclosingStmt()
|
||||
select f, f.getEnclosingStmt()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from Function f
|
||||
select f, f.getId(), f.getName()
|
||||
select f, f.getId(), f.getName()
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from Function f, int i, Parameter p
|
||||
where p = f.getParameter(i)
|
||||
select f, i, p
|
||||
select f, i, p
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from Function f
|
||||
where exists(f.getScope())
|
||||
select f
|
||||
select f
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from Function f
|
||||
where exists(f.getVariable())
|
||||
select f
|
||||
select f
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from Function f
|
||||
where f.hasRestParameter()
|
||||
select f
|
||||
select f
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from Function f
|
||||
where f.isGenerator()
|
||||
select f
|
||||
select f
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from Parameter p
|
||||
where p.isRestParameter()
|
||||
select p
|
||||
select p
|
||||
|
||||
@@ -2,4 +2,4 @@ import javascript
|
||||
|
||||
from Function f
|
||||
where f.usesArgumentsObject()
|
||||
select f
|
||||
select f
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from HTML::Attribute a
|
||||
select a, a.getElement(), a.getName(), a.getValue()
|
||||
select a, a.getElement(), a.getName(), a.getValue()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from HTML::Element elt, int i
|
||||
select elt, i, elt.getAttribute(i)
|
||||
select elt, i, elt.getAttribute(i)
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from HTML::Element elt, int i
|
||||
select elt, i, elt.getChild(i)
|
||||
select elt, i, elt.getChild(i)
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from HTML::Element elt
|
||||
select elt, elt.getName()
|
||||
select elt, elt.getName()
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import javascript
|
||||
|
||||
from HTML::Element elt
|
||||
select elt, elt.getParent()
|
||||
select elt, elt.getParent()
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
import javascript
|
||||
|
||||
from HTML::TextNode t, string cdata
|
||||
where t.toString().trim().length() > 0 and if t.isCData() then cdata = "(cdata)" else cdata = ""
|
||||
where
|
||||
t.toString().trim().length() > 0 and
|
||||
if t.isCData() then cdata = "(cdata)" else cdata = ""
|
||||
select t, t.getParent(), t.getIndex(), cdata
|
||||
|
||||
@@ -7,17 +7,15 @@ class Assertion extends DataFlow::CallNode {
|
||||
getCalleeName() = "checkNotEscaped"
|
||||
}
|
||||
|
||||
predicate shouldBeSanitizer() {
|
||||
getCalleeName() != "checkNotEscaped"
|
||||
}
|
||||
predicate shouldBeSanitizer() { getCalleeName() != "checkNotEscaped" }
|
||||
|
||||
string getMessage() {
|
||||
if shouldBeSanitizer() and not getArgument(0) instanceof HtmlSanitizerCall then
|
||||
result = "Should be marked as sanitizer"
|
||||
else if not shouldBeSanitizer() and getArgument(0) instanceof HtmlSanitizerCall then
|
||||
result = "Should not be marked as sanitizer"
|
||||
if shouldBeSanitizer() and not getArgument(0) instanceof HtmlSanitizerCall
|
||||
then result = "Should be marked as sanitizer"
|
||||
else
|
||||
result = "OK"
|
||||
if not shouldBeSanitizer() and getArgument(0) instanceof HtmlSanitizerCall
|
||||
then result = "Should not be marked as sanitizer"
|
||||
else result = "OK"
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
import semmle.javascript.Expr
|
||||
|
||||
from ImmediatelyInvokedFunctionExpr iife
|
||||
select iife, iife.getInvocation()
|
||||
select iife, iife.getInvocation()
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user