JS: Mass rename to node1,state1,node2,state2 naming convention

2026-04-30 19:26:02 +02:00 · 2024-12-13 14:57:05 +01:00
parent ac6da6c2b1
commit 079294e55f
34 changed files with 220 additions and 218 deletions
--- a/javascript/ql/examples/queries/dataflow/BackendIdor/BackendIdor.ql
+++ b/javascript/ql/examples/queries/dataflow/BackendIdor/BackendIdor.ql
@@ -18,9 +18,9 @@ module IdorTaintConfig implements DataFlow::ConfigSig {

  predicate isSink(DataFlow::Node node) { exists(ClientRequest req | node = req.getADataNode()) }

-  predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
+  predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
    // Step from x -> { userId: x }
-    succ.(DataFlow::SourceNode).getAPropertyWrite("userId").getRhs() = pred
+    node2.(DataFlow::SourceNode).getAPropertyWrite("userId").getRhs() = node1
  }

  predicate isBarrier(DataFlow::Node node) {
--- a/javascript/ql/examples/queries/dataflow/InformationDisclosure/InformationDisclosure.ql
+++ b/javascript/ql/examples/queries/dataflow/InformationDisclosure/InformationDisclosure.ql
@@ -37,16 +37,16 @@ module AuthKeyTrackingConfig implements DataFlow::ConfigSig {
    )
  }

-  predicate isAdditionalFlowStep(DataFlow::Node pred, DataFlow::Node succ) {
+  predicate isAdditionalFlowStep(DataFlow::Node node1, DataFlow::Node node2) {
    // Step into objects: x -> { f: x }
-    succ.(DataFlow::SourceNode).getAPropertyWrite().getRhs() = pred
+    node2.(DataFlow::SourceNode).getAPropertyWrite().getRhs() = node1
    or
    // Step through JSON serialization: x -> JSON.stringify(x)
    // Note: TaintTracking::Configuration includes this step by default, but not DataFlow::Configuration
    exists(DataFlow::CallNode call |
      call = DataFlow::globalVarRef("JSON").getAMethodCall("stringify") and
-      pred = call.getArgument(0) and
-      succ = call
+      node1 = call.getArgument(0) and
+      node2 = call
    )
  }
 }