add model for the gray-matter libary to js/code-injection

2026-05-03 12:45:27 +02:00 · 2022-06-29 23:11:10 +02:00
parent 7ee11056d7
commit 22d285f777
4 changed files with 31 additions and 1 deletions
--- a/javascript/ql/lib/change-notes/2022-06-22-sensitive-common-words
+++ b/javascript/ql/lib/change-notes/2022-06-22-sensitive-common-words
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* The `gray-matter` library is now modeled as a sink for the `js/code-injection` query.
--- a/javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
@@ -51,6 +51,11 @@ module CodeInjection {
    }
  }

+  /** An expression parsed by the `gray-matter` library. */
+  class GrayMatterSink extends Sink {
+    GrayMatterSink() { this = DataFlow::moduleImport("gray-matter").getACall().getArgument(0) }
+  }
+
  /**
   * A template tag occurring in JS code, viewed as a code injection sink.
   */