hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

JS: Recognize 'require' calls in more cases

Browse Source
This commit is contained in:
Asger F
2019-09-11 10:48:10 +01:00
parent 3b7ecd5ccf
commit 173f32d2ba
2 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
javascript/extractor/src/com/semmle/js/extractor/NodeJSDetector.java
View File

@@ -97,8 +97,9 @@ public class NodeJSDetector {
if (e instanceof CallExpression) {
CallExpression call = (CallExpression) e;
Expression callee = call.getCallee();
return (isIdentifier(callee, "require") || isRequireCall(callee))
&& call.getArguments().size() == 1;
if (isIdentifier(callee, "require") && call.getArguments().size() == 1) return true;
if (isRequireCall(callee)) return true;
return false;
} else if (e instanceof MemberExpression) {
return isRequireCall(((MemberExpression) e).getObject());
} else if (e instanceof AssignmentExpression) {

13
javascript/extractor/src/com/semmle/js/extractor/test/NodeJSDetectorTests.java
View File

@@ -164,9 +164,8 @@ public class NodeJSDetectorTests {
@Test
public void amdefine() {
// not currently detected
isNodeJS(
"if (typeof define !== 'function') define = require('amdefine')(module, require);", false);
"if (typeof define !== 'function') define = require('amdefine')(module, require);", true);
}
@Test
@@ -202,4 +201,14 @@ public class NodeJSDetectorTests {
+ "}",
true);
}
@Test
public void requireAndCall() {
isNodeJS("var foo = require('foo')();", true);
}
@Test
public void requireAndCallMethod() {
isNodeJS("var foo = require('foo').bar();", true);
}
}