JavaScript: Consolidate tutorial tests.
@@ -1 +0,0 @@
|
||||
| | 2 |
|
||||
@@ -1,4 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from Folder d
|
||||
select d.getRelativePath(), count(File f | f = d.getAFile() and f.getExtension() = "js")
|
||||
@@ -0,0 +1,8 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query1(string res0, int res1) {
|
||||
exists(Folder d |
|
||||
res0 = d.getRelativePath() and
|
||||
res1 = count(File f | f = d.getAFile() and f.getExtension() = "js" | f)
|
||||
)
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
| tst.js:31:1:33:1 | functio ... ++i);\\n} | This function uses i like a local variable. |
|
||||
@@ -1,7 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from Function f, GlobalVariable gv
|
||||
where
|
||||
gv.getAnAccess().getEnclosingFunction() = f and
|
||||
not f.getStartBB().isLiveAtEntry(gv, _)
|
||||
select f, "This function uses " + gv + " like a local variable."
|
||||
@@ -0,0 +1,9 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query10(Function f, string res) {
|
||||
exists(GlobalVariable gv |
|
||||
gv.getAnAccess().getEnclosingFunction() = f and not f.getStartBB().isLiveAtEntry(gv, _)
|
||||
|
|
||||
res = "This function uses " + gv.toString() + " like a local variable."
|
||||
)
|
||||
}
|
||||
@@ -1,4 +0,0 @@
|
||||
| tst.js:21:12:21:12 | x | Dead store of local variable. |
|
||||
| tst.js:31:12:31:12 | x | Dead store of local variable. |
|
||||
| tst.js:31:15:31:15 | y | Dead store of local variable. |
|
||||
| tst.js:31:18:31:18 | x | Dead store of local variable. |
|
||||
@@ -1,7 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from VarDef def, LocalVariable v
|
||||
where
|
||||
v = def.getAVariable() and
|
||||
not exists(VarUse use | def = use.getADef())
|
||||
select def, "Dead store of local variable."
|
||||
@@ -0,0 +1,7 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query11(VarDef def, string res) {
|
||||
exists(LocalVariable v | v = def.getAVariable() and not exists(VarUse use | def = use.getADef()) |
|
||||
res = "Dead store of local variable."
|
||||
)
|
||||
}
|
||||
@@ -1,9 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from SimpleParameter res, DataFlow::Node resNode, MethodCallExpr send
|
||||
where
|
||||
res.getName() = "res" and
|
||||
resNode = DataFlow::parameterNode(res) and
|
||||
resNode.getASuccessor+() = DataFlow::valueNode(send.getReceiver()) and
|
||||
send.getMethodName() = "send"
|
||||
select send
|
||||
@@ -0,0 +1,12 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query12(MethodCallExpr send) {
|
||||
exists(SimpleParameter res, DataFlow::Node resNode |
|
||||
res.getName() = "res" and
|
||||
resNode = DataFlow::parameterNode(res) and
|
||||
resNode.getASuccessor() = DataFlow::valueNode(send.getReceiver()) and
|
||||
send.getMethodName() = "send"
|
||||
|
|
||||
any()
|
||||
)
|
||||
}
|
||||
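Review bot: The new `test_query12` uses the single-step `resNode.getASuccessor()` where the removed query used the transitive `resNode.getASuccessor+()`, so as shown it only matches a `send` receiver that is exactly one data-flow step away from the `res` parameter. If the `+` was not simply lost when this page was rendered, restore it: `resNode.getASuccessor+() = DataFlow::valueNode(send.getReceiver()) and`. The consolidated expected output lists no rows under `test_query12`, so the test would not catch this narrowing either way.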
@@ -1,8 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from StrictEqualityTest eq, DataFlow::AnalyzedNode nd, NullLiteral null
|
||||
where
|
||||
eq.hasOperands(nd.asExpr(), null) and
|
||||
not nd.getAValue().isIndefinite(_) and
|
||||
not nd.getAValue() instanceof AbstractNull
|
||||
select eq, "Spurious null check."
|
||||
@@ -0,0 +1,11 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query13(StrictEqualityTest eq, string res) {
|
||||
exists(DataFlow::AnalyzedNode nd, NullLiteral null |
|
||||
eq.hasOperands(nd.asExpr(), null) and
|
||||
not nd.getAValue().isIndefinite(_) and
|
||||
not nd.getAValue() instanceof AbstractNull
|
||||
|
|
||||
res = "Spurious null check."
|
||||
)
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
| tst.js:9:1:9:3 | h() | Unable to find a callee for this call site. |
|
||||
@@ -1,7 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from DataFlow::InvokeNode cs
|
||||
where
|
||||
not cs.isIncomplete() and
|
||||
not exists(cs.getACallee())
|
||||
select cs, "Unable to find a callee for this call site."
|
||||
@@ -0,0 +1,7 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query14(DataFlow::InvokeNode cs, string res) {
|
||||
not cs.isIncomplete() and
|
||||
not exists(cs.getACallee()) and
|
||||
res = "Unable to find a callee for this call site."
|
||||
}
|
||||
@@ -1,12 +0,0 @@
|
||||
import javascript
|
||||
|
||||
class TrackedStringLiteral extends DataFlow::TrackedNode {
|
||||
TrackedStringLiteral() { this.asExpr() instanceof ConstantString }
|
||||
}
|
||||
|
||||
from TrackedStringLiteral source, DataFlow::Node sink, SsaExplicitDefinition def
|
||||
where
|
||||
source.flowsTo(sink) and
|
||||
sink = DataFlow::ssaDefinitionNode(def) and
|
||||
def.getSourceVariable().getName().toLowerCase() = "password"
|
||||
select sink
|
||||
@@ -0,0 +1,15 @@
|
||||
import javascript
|
||||
|
||||
class TrackedStringLiteral extends DataFlow::TrackedNode {
|
||||
TrackedStringLiteral() { this.asExpr() instanceof ConstantString }
|
||||
}
|
||||
|
||||
query predicate test_query15(DataFlow::Node sink) {
|
||||
exists(TrackedStringLiteral source, SsaExplicitDefinition def |
|
||||
source.flowsTo(sink) and
|
||||
sink = DataFlow::ssaDefinitionNode(def) and
|
||||
def.getSourceVariable().getName().toLowerCase() = "password"
|
||||
|
|
||||
any()
|
||||
)
|
||||
}
|
||||
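Review bot: `test_query15` has no rows in the consolidated expected output added by this commit, so the test passes whether or not the predicate can find a constant string flowing into a variable named `password`; the same holds for `test_query17` and `test_query20`. These are the security-oriented tutorial queries, so each would benefit from one positive case in the test sources, for example a line such as `var password = "constructed-example";` (sample value) in `tst.js`, assuming that file is the shared fixture. A regression in the flow logic would then show up as a changed expectation rather than pass silently. A one-line QLDoc comment on the predicate, e.g. `/** Holds if a constant string flows to a definition of a variable named "password". */`, would also record the intent.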
@@ -19,6 +19,10 @@ class PasswordTracker extends DataFlow::Configuration {
|
||||
}
|
||||
}
|
||||
|
||||
from PasswordTracker pt, DataFlow::Node source, DataFlow::Node sink, Variable v
|
||||
where pt.hasFlow(source, sink) and pt.passwordVarAssign(v, sink)
|
||||
select sink, "Password variable " + v + " is assigned a constant string."
|
||||
query predicate test_query17(DataFlow::Node sink, string res) {
|
||||
exists(PasswordTracker pt, DataFlow::Node source, Variable v |
|
||||
pt.hasFlow(source, sink) and pt.passwordVarAssign(v, sink)
|
||||
|
|
||||
res = "Password variable " + v.toString() + " is assigned a constant string."
|
||||
)
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
| m.js:1:1:3:0 | <toplevel> | 0 |
|
||||
@@ -1,4 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from NodeModule m
|
||||
select m, count(m.getAnImportedModule())
|
||||
@@ -0,0 +1,3 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query18(NodeModule m, int res) { res = count(m.getAnImportedModule()) }
|
||||
@@ -1,10 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from NPMPackage pkg, PackageDependencies deps, string name
|
||||
where
|
||||
deps = pkg.getPackageJSON().getDependencies() and
|
||||
deps.getADependency(name, _) and
|
||||
not exists(Require req | req.getTopLevel() = pkg.getAModule() |
|
||||
name = req.getImportedPath().getValue()
|
||||
)
|
||||
select deps, "Unused dependency '" + name + "'."
|
||||
@@ -0,0 +1,13 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query19(PackageDependencies deps, string res) {
|
||||
exists(NPMPackage pkg, string name |
|
||||
deps = pkg.getPackageJSON().getDependencies() and
|
||||
deps.getADependency(name, _) and
|
||||
not exists(Require req | req.getTopLevel() = pkg.getAModule() |
|
||||
name = req.getImportedPath().getValue()
|
||||
)
|
||||
|
|
||||
res = "Unused dependency '" + name + "'."
|
||||
)
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
| tst.js:25:3:25:3 | , | Omitted array elements are bad style. |
|
||||
@@ -1,9 +0,0 @@
|
||||
import javascript
|
||||
|
||||
class CommaToken extends PunctuatorToken {
|
||||
CommaToken() { getValue() = "," }
|
||||
}
|
||||
|
||||
from CommaToken comma
|
||||
where comma.getNextToken() instanceof CommaToken
|
||||
select comma, "Omitted array elements are bad style."
|
||||
@@ -0,0 +1,9 @@
|
||||
import javascript
|
||||
|
||||
class CommaToken extends PunctuatorToken {
|
||||
CommaToken() { getValue() = "," }
|
||||
}
|
||||
|
||||
query predicate test_query2(CommaToken comma, string res) {
|
||||
comma.getNextToken() instanceof CommaToken and res = "Omitted array elements are bad style."
|
||||
}
|
||||
@@ -1,5 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from SQL::SqlString ss
|
||||
where ss instanceof AddExpr
|
||||
select ss, "Use templating instead of string concatenation."
|
||||
@@ -0,0 +1,5 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query20(SQL::SqlString ss, string res) {
|
||||
ss instanceof AddExpr and res = "Use templating instead of string concatenation."
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
| tst.js:19:4:19:9 | @param | @param tag is missing name. |
|
||||
@@ -1,7 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from JSDocTag t
|
||||
where
|
||||
t.getTitle() = "param" and
|
||||
not exists(t.getName())
|
||||
select t, "@param tag is missing name."
|
||||
@@ -0,0 +1,5 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query21(JSDocTag t, string res) {
|
||||
t.getTitle() = "param" and not exists(t.getName()) and res = "@param tag is missing name."
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
| tst.js:27:1:27:4 | <!-- | Do not use HTML comments. |
|
||||
@@ -1,4 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from HtmlLineComment c
|
||||
select c, "Do not use HTML comments."
|
||||
@@ -0,0 +1,3 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query3(HtmlLineComment c, string res) { res = "Do not use HTML comments." }
|
||||
@@ -1 +0,0 @@
|
||||
| tst.js:29:1:29:5 | 1 + 2 | This expression should be bracketed to clarify precedence rules. |
|
||||
@@ -1,5 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from ShiftExpr shift, AddExpr add
|
||||
where add = shift.getAnOperand()
|
||||
select add, "This expression should be bracketed to clarify precedence rules."
|
||||
@@ -0,0 +1,7 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query4(AddExpr add, string res) {
|
||||
exists(ShiftExpr shift | add = shift.getAnOperand() |
|
||||
res = "This expression should be bracketed to clarify precedence rules."
|
||||
)
|
||||
}
|
||||
@@ -1,5 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from FunctionExpr fe
|
||||
where fe.getBody() instanceof Expr
|
||||
select fe, "Use arrow expressions instead of expression closures."
|
||||
@@ -0,0 +1,5 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query5(FunctionExpr fe, string res) {
|
||||
fe.getBody() instanceof Expr and res = "Use arrow expressions instead of expression closures."
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
| tst.js:31:1:33:1 | functio ... ++i);\\n} | This function has two parameters that bind the same variable. |
|
||||
@@ -1,9 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from Function fun, Parameter p, Parameter q, int i, int j
|
||||
where
|
||||
p = fun.getParameter(i) and
|
||||
q = fun.getParameter(j) and
|
||||
i < j and
|
||||
p.getAVariable() = q.getAVariable()
|
||||
select fun, "This function has two parameters that bind the same variable."
|
||||
@@ -0,0 +1,12 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query6(Function fun, string res) {
|
||||
exists(Parameter p, Parameter q, int i, int j |
|
||||
p = fun.getParameter(i) and
|
||||
q = fun.getParameter(j) and
|
||||
i < j and
|
||||
p.getAVariable() = q.getAVariable()
|
||||
|
|
||||
res = "This function has two parameters that bind the same variable."
|
||||
)
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
| tst.js:35:1:35:9 | var j, j; | Variable j is declared both $@ and $@. | tst.js:35:5:35:5 | j | here | tst.js:35:8:35:8 | j | here |
|
||||
@@ -1,11 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from DeclStmt ds, VariableDeclarator d1, VariableDeclarator d2, Variable v, int i, int j
|
||||
where
|
||||
d1 = ds.getDecl(i) and
|
||||
d2 = ds.getDecl(j) and
|
||||
i < j and
|
||||
v = d1.getBindingPattern().getAVariable() and
|
||||
v = d2.getBindingPattern().getAVariable() and
|
||||
not ds.getTopLevel().isMinified()
|
||||
select ds, "Variable " + v.getName() + " is declared both $@ and $@.", d1, "here", d2, "here"
|
||||
@@ -0,0 +1,18 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query7(
|
||||
DeclStmt ds, string res0, VariableDeclarator d1, string res1, VariableDeclarator d2, string res2
|
||||
) {
|
||||
exists(Variable v, int i, int j |
|
||||
d1 = ds.getDecl(i) and
|
||||
d2 = ds.getDecl(j) and
|
||||
i < j and
|
||||
v = d1.getBindingPattern().getAVariable() and
|
||||
v = d2.getBindingPattern().getAVariable() and
|
||||
not ds.getTopLevel().isMinified()
|
||||
|
|
||||
res0 = "Variable " + v.getName() + " is declared both $@ and $@." and
|
||||
res1 = "here" and
|
||||
res2 = "here"
|
||||
)
|
||||
}
|
||||
@@ -1 +0,0 @@
|
||||
| tst.js:1:2:1:24 | { x: 23 ... x: 56 } | Property x is defined both $@ and $@. | tst.js:1:4:1:8 | x: 23 | here | tst.js:1:18:1:22 | x: 56 | here |
|
||||
@@ -1,10 +0,0 @@
|
||||
import javascript
|
||||
|
||||
from ObjectExpr oe, Property p1, Property p2, int i, int j
|
||||
where
|
||||
p1 = oe.getProperty(i) and
|
||||
p2 = oe.getProperty(j) and
|
||||
i < j and
|
||||
p1.getName() = p2.getName() and
|
||||
not oe.getTopLevel().isMinified()
|
||||
select oe, "Property " + p1.getName() + " is defined both $@ and $@.", p1, "here", p2, "here"
|
||||
@@ -0,0 +1,17 @@
|
||||
import javascript
|
||||
|
||||
query predicate test_query8(
|
||||
ObjectExpr oe, string res0, Property p1, string res1, Property p2, string res2
|
||||
) {
|
||||
exists(int i, int j |
|
||||
p1 = oe.getProperty(i) and
|
||||
p2 = oe.getProperty(j) and
|
||||
i < j and
|
||||
p1.getName() = p2.getName() and
|
||||
not oe.getTopLevel().isMinified()
|
||||
|
|
||||
res0 = "Property " + p1.getName() + " is defined both $@ and $@." and
|
||||
res1 = "here" and
|
||||
res2 = "here"
|
||||
)
|
||||
}
|
||||
@@ -1,2 +0,0 @@
|
||||
| tst.js:3:1:3:15 | function f() {} | tst.js:6:5:6:19 | function f() {} |
|
||||
| tst.js:6:5:6:19 | function f() {} | tst.js:3:1:3:15 | function f() {} |
|
||||
@@ -1,9 +1,8 @@
|
||||
import javascript
|
||||
|
||||
from FunctionDeclStmt f, FunctionDeclStmt g
|
||||
where
|
||||
query predicate test_query9(FunctionDeclStmt f, FunctionDeclStmt g) {
|
||||
f != g and
|
||||
f.getVariable() = g.getVariable() and
|
||||
not f.getTopLevel().isMinified() and
|
||||
not g.getTopLevel().isMinified()
|
||||
select f, g
|
||||
}
|
||||
@@ -0,0 +1,37 @@
|
||||
test_query14
|
||||
| tst.js:9:1:9:3 | h() | Unable to find a callee for this call site. |
|
||||
test_query21
|
||||
| tst.js:19:4:19:9 | @param | @param tag is missing name. |
|
||||
test_query15
|
||||
test_query10
|
||||
| tst.js:31:1:33:1 | functio ... ++i);\\n} | This function uses i like a local variable. |
|
||||
test_query4
|
||||
| tst.js:29:1:29:5 | 1 + 2 | This expression should be bracketed to clarify precedence rules. |
|
||||
test_query19
|
||||
test_query17
|
||||
test_query18
|
||||
| m.js:1:1:3:0 | <toplevel> | 0 |
|
||||
test_query8
|
||||
| tst.js:1:2:1:24 | { x: 23 ... x: 56 } | Property x is defined both $@ and $@. | tst.js:1:4:1:8 | x: 23 | here | tst.js:1:18:1:22 | x: 56 | here |
|
||||
test_query11
|
||||
| tst.js:21:12:21:12 | x | Dead store of local variable. |
|
||||
| tst.js:31:12:31:12 | x | Dead store of local variable. |
|
||||
| tst.js:31:15:31:15 | y | Dead store of local variable. |
|
||||
| tst.js:31:18:31:18 | x | Dead store of local variable. |
|
||||
test_query12
|
||||
test_query20
|
||||
test_query3
|
||||
| tst.js:27:1:27:4 | <!-- | Do not use HTML comments. |
|
||||
test_query1
|
||||
| | 2 |
|
||||
test_query13
|
||||
test_query9
|
||||
| tst.js:3:1:3:15 | function f() {} | tst.js:6:5:6:19 | function f() {} |
|
||||
| tst.js:6:5:6:19 | function f() {} | tst.js:3:1:3:15 | function f() {} |
|
||||
test_query5
|
||||
test_query2
|
||||
| tst.js:25:3:25:3 | , | Omitted array elements are bad style. |
|
||||
test_query6
|
||||
| tst.js:31:1:33:1 | functio ... ++i);\\n} | This function has two parameters that bind the same variable. |
|
||||
test_query7
|
||||
| tst.js:35:1:35:9 | var j, j; | Variable j is declared both $@ and $@. | tst.js:35:5:35:5 | j | here | tst.js:35:8:35:8 | j | here |
|
||||
@@ -0,0 +1,20 @@
|
||||
import query14
|
||||
import query21
|
||||
import query15
|
||||
import query10
|
||||
import query4
|
||||
import query19
|
||||
import query17
|
||||
import query18
|
||||
import query8
|
||||
import query11
|
||||
import query12
|
||||
import query20
|
||||
import query3
|
||||
import query1
|
||||
import query13
|
||||
import query9
|
||||
import query5
|
||||
import query2
|
||||
import query6
|
||||
import query7
|
||||