hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 02:35:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Port PostMessageStar

Browse Source
This commit is contained in:
Asger F
2023-10-05 09:21:37 +02:00
parent e1fae3d16d
commit 2400af4bc3
3 changed files with 43 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
javascript/ql/lib/semmle/javascript/security/dataflow/PostMessageStarQuery.qll
View File

@@ -11,7 +11,7 @@ import javascript
import PostMessageStarCustomizations::PostMessageStar
// Materialize flow labels
private class ConcretePartiallyTaintedObject extends PartiallyTaintedObject {
deprecated private class ConcretePartiallyTaintedObject extends PartiallyTaintedObject {
ConcretePartiallyTaintedObject() { this = this }
}
@@ -26,7 +26,27 @@ private class ConcretePartiallyTaintedObject extends PartiallyTaintedObject {
* Additional sources or sinks can be added either by extending the relevant class, or by subclassing
* this configuration itself, and amending the sources and sinks.
*/
class Configuration extends TaintTracking::Configuration {
module PostMessageStarConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node source) { source instanceof Source }
predicate isSink(DataFlow::Node sink) { sink instanceof Sink }
predicate isBarrier(DataFlow::Node node) { node instanceof Sanitizer }
predicate allowImplicitRead(DataFlow::Node node, DataFlow::ContentSet contents) {
isSink(node) and contents = DataFlow::ContentSet::anyProperty()
}
}
/**
* A taint tracking configuration for cross-window communication with unrestricted origin.
*/
module PostMessageStarFlow = TaintTracking::Global<PostMessageStarConfig>;
/**
* DEPRECATED. Use the `PostMessageStarFlow` module instead.
*/
deprecated class Configuration extends TaintTracking::Configuration {
Configuration() { this = "PostMessageStar" }
override predicate isSource(DataFlow::Node source) { source instanceof Source }