hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

ATM: new feature to list all imports in an endpoint's file

Browse Source
This commit is contained in:
Stephan Brandauer
2022-04-14 11:33:55 +02:00
parent d0faf71113
commit 25db666087
2 changed files with 79 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
javascript/ql/experimental/adaptivethreatmodeling/lib/experimental/adaptivethreatmodeling/EndpointFeatures.qll
View File

@@ -230,9 +230,10 @@ private newtype TEndpointFeature =
TCalleeAccessPath() or
TCalleeAccessPathWithStructuralInfo() or
TEnclosingFunctionBody() or
TCallee_AccessPath() or
TInput_AccessPathFromCallee() or
TInput_ArgumentIndex()
TFileImports() or
TCalleeFlexibleAccessPath() or
TInputAccessPathFromCallee() or
TInputArgumentIndex()
/**
* An implementation of an endpoint feature: produces feature names and values for used in ML.
@@ -410,10 +411,29 @@ class EnclosingFunctionBody extends EndpointFeature, TEnclosingFunctionBody {
}
}
/** The feature for the imports defined in the file containing an endpoint. */
class FileImports extends EndpointFeature, TFileImports {
override string getName() { result = "fileImports" }
override string getValue(DataFlow::Node endpoint) {
result =
concat(string importPath |
importPath = SyntacticUtilities::getImportPathForFile(endpoint.getFile())
|
importPath, " " order by importPath
)
}
}
/**
* Syntactic utilities for feature value computation.
*/
private module SyntacticUtilities {
/** Gets an import located in `file`. */
string getImportPathForFile(File file) {
result = any(Import imp | imp.getFile() = file).getImportedPath().getValue()
}
/**
* Gets a property initializer value in a an object literal or one of its nested object literals.
*/
@@ -542,8 +562,8 @@ private module SyntacticUtilities {
* foo[complex()].bar(endpoint); // -> foo.?.bar
* ```
*/
class Callee_AccessPath extends EndpointFeature, TCallee_AccessPath {
override string getName() { result = "Callee_AccessPath" }
class CalleeFlexibleAccessPath extends EndpointFeature, TCalleeFlexibleAccessPath {
override string getName() { result = "CalleeFlexibleAccessPath" }
override string getValue(DataFlow::Node endpoint) {
exists(DataFlow::InvokeNode invk |
@@ -565,7 +585,7 @@ class Callee_AccessPath extends EndpointFeature, TCallee_AccessPath {
*
* "Containment" is syntactic, and currently means that the endpoint is an argument to the call, or that the endpoint is a (nested) property value of an argument.
*
* This feature, together with `Input_ArgumentIndex` is intended as a far superior version of the `ArgumentIndexFeature`.
* This feature, together with `InputArgumentIndex` is intended as a far superior version of the `ArgumentIndexFeature`.
*
* Examples:
* ```
@@ -573,8 +593,8 @@ class Callee_AccessPath extends EndpointFeature, TCallee_AccessPath {
* foo(x, { bar: { baz: endpoint } }); // -> bar.baz
* ```
*/
class Input_AccessPathFromCallee extends EndpointFeature, TInput_AccessPathFromCallee {
override string getName() { result = "Input_AccessPathFromCallee" }
class InputAccessPathFromCallee extends EndpointFeature, TInputAccessPathFromCallee {
override string getName() { result = "InputAccessPathFromCallee" }
override string getValue(DataFlow::Node endpoint) {
exists(DataFlow::InvokeNode invk |
@@ -600,8 +620,8 @@ class Input_AccessPathFromCallee extends EndpointFeature, TInput_AccessPathFromC
* foo(x, { bar: { baz: endpoint } }); // -> 1
* ```
*/
class Input_ArgumentIndex extends EndpointFeature, TInput_ArgumentIndex {
override string getName() { result = "Input_ArgumentIndex" }
class InputArgumentIndex extends EndpointFeature, TInputArgumentIndex {
override string getName() { result = "InputArgumentIndex" }
override string getValue(DataFlow::Node endpoint) {
exists(DataFlow::InvokeNode invk, DataFlow::Node arg, int i | arg = invk.getArgument(i) |

83
javascript/ql/experimental/adaptivethreatmodeling/test/generic_feature_testing/FeatureValue.expected
View File

@@ -1,100 +1,113 @@
| test.html:2:61:2:68 | endpoint | Callee_AccessPath | $event.target.files.item |
| test.html:2:61:2:68 | endpoint | Input_ArgumentIndex | 0 |
| test.html:2:61:2:68 | endpoint | CalleeFlexibleAccessPath | $event.target.files.item |
| test.html:2:61:2:68 | endpoint | InputArgumentIndex | 0 |
| test.html:2:61:2:68 | endpoint | argumentIndex | 0 |
| test.html:2:61:2:68 | endpoint | calleeAccessPath | |
| test.html:2:61:2:68 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.html:2:61:2:68 | endpoint | calleeName | item |
| test.js:2:7:2:14 | endpoint | Callee_AccessPath | f |
| test.js:2:7:2:14 | endpoint | Input_ArgumentIndex | 0 |
| test.html:2:61:2:68 | endpoint | fileImports | |
| test.js:2:7:2:14 | endpoint | CalleeFlexibleAccessPath | f |
| test.js:2:7:2:14 | endpoint | InputArgumentIndex | 0 |
| test.js:2:7:2:14 | endpoint | argumentIndex | 0 |
| test.js:2:7:2:14 | endpoint | calleeAccessPath | |
| test.js:2:7:2:14 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:2:7:2:14 | endpoint | calleeName | f |
| test.js:2:7:2:14 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:2:7:2:14 | endpoint | enclosingFunctionName | |
| test.js:3:11:3:18 | endpoint | Callee_AccessPath | f |
| test.js:3:11:3:18 | endpoint | Input_AccessPathFromCallee | 0.p |
| test.js:3:11:3:18 | endpoint | Input_ArgumentIndex | 0 |
| test.js:2:7:2:14 | endpoint | fileImports | foo |
| test.js:3:11:3:18 | endpoint | CalleeFlexibleAccessPath | f |
| test.js:3:11:3:18 | endpoint | InputAccessPathFromCallee | 0.p |
| test.js:3:11:3:18 | endpoint | InputArgumentIndex | 0 |
| test.js:3:11:3:18 | endpoint | calleeAccessPath | |
| test.js:3:11:3:18 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:3:11:3:18 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:3:11:3:18 | endpoint | enclosingFunctionName | |
| test.js:4:15:4:22 | endpoint | Callee_AccessPath | f |
| test.js:4:15:4:22 | endpoint | Input_AccessPathFromCallee | 0.p.q |
| test.js:4:15:4:22 | endpoint | Input_ArgumentIndex | 0 |
| test.js:3:11:3:18 | endpoint | fileImports | foo |
| test.js:4:15:4:22 | endpoint | CalleeFlexibleAccessPath | f |
| test.js:4:15:4:22 | endpoint | InputAccessPathFromCallee | 0.p.q |
| test.js:4:15:4:22 | endpoint | InputArgumentIndex | 0 |
| test.js:4:15:4:22 | endpoint | calleeAccessPath | |
| test.js:4:15:4:22 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:4:15:4:22 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:4:15:4:22 | endpoint | enclosingFunctionName | |
| test.js:5:9:5:16 | endpoint | Callee_AccessPath | o.m |
| test.js:5:9:5:16 | endpoint | Input_ArgumentIndex | 0 |
| test.js:4:15:4:22 | endpoint | fileImports | foo |
| test.js:5:9:5:16 | endpoint | CalleeFlexibleAccessPath | o.m |
| test.js:5:9:5:16 | endpoint | InputArgumentIndex | 0 |
| test.js:5:9:5:16 | endpoint | argumentIndex | 0 |
| test.js:5:9:5:16 | endpoint | calleeAccessPath | |
| test.js:5:9:5:16 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:5:9:5:16 | endpoint | calleeName | m |
| test.js:5:9:5:16 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:5:9:5:16 | endpoint | enclosingFunctionName | |
| test.js:5:9:5:16 | endpoint | fileImports | foo |
| test.js:5:9:5:16 | endpoint | receiverName | o |
| test.js:6:13:6:20 | endpoint | Callee_AccessPath | o.m |
| test.js:6:13:6:20 | endpoint | Input_AccessPathFromCallee | 0.p |
| test.js:6:13:6:20 | endpoint | Input_ArgumentIndex | 0 |
| test.js:6:13:6:20 | endpoint | CalleeFlexibleAccessPath | o.m |
| test.js:6:13:6:20 | endpoint | InputAccessPathFromCallee | 0.p |
| test.js:6:13:6:20 | endpoint | InputArgumentIndex | 0 |
| test.js:6:13:6:20 | endpoint | calleeAccessPath | |
| test.js:6:13:6:20 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:6:13:6:20 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:6:13:6:20 | endpoint | enclosingFunctionName | |
| test.js:7:17:7:24 | endpoint | Callee_AccessPath | o.m |
| test.js:7:17:7:24 | endpoint | Input_AccessPathFromCallee | 0.p.q |
| test.js:7:17:7:24 | endpoint | Input_ArgumentIndex | 0 |
| test.js:6:13:6:20 | endpoint | fileImports | foo |
| test.js:7:17:7:24 | endpoint | CalleeFlexibleAccessPath | o.m |
| test.js:7:17:7:24 | endpoint | InputAccessPathFromCallee | 0.p.q |
| test.js:7:17:7:24 | endpoint | InputArgumentIndex | 0 |
| test.js:7:17:7:24 | endpoint | calleeAccessPath | |
| test.js:7:17:7:24 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:7:17:7:24 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:7:17:7:24 | endpoint | enclosingFunctionName | |
| test.js:8:11:8:18 | endpoint | Callee_AccessPath | F |
| test.js:8:11:8:18 | endpoint | Input_ArgumentIndex | 0 |
| test.js:7:17:7:24 | endpoint | fileImports | foo |
| test.js:8:11:8:18 | endpoint | CalleeFlexibleAccessPath | F |
| test.js:8:11:8:18 | endpoint | InputArgumentIndex | 0 |
| test.js:8:11:8:18 | endpoint | calleeAccessPath | |
| test.js:8:11:8:18 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:8:11:8:18 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:8:11:8:18 | endpoint | enclosingFunctionName | |
| test.js:9:17:9:24 | endpoint | Callee_AccessPath | o.m().m().m |
| test.js:9:17:9:24 | endpoint | Input_ArgumentIndex | 0 |
| test.js:8:11:8:18 | endpoint | fileImports | foo |
| test.js:9:17:9:24 | endpoint | CalleeFlexibleAccessPath | o.m().m().m |
| test.js:9:17:9:24 | endpoint | InputArgumentIndex | 0 |
| test.js:9:17:9:24 | endpoint | argumentIndex | 0 |
| test.js:9:17:9:24 | endpoint | calleeAccessPath | |
| test.js:9:17:9:24 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:9:17:9:24 | endpoint | calleeName | m |
| test.js:9:17:9:24 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:9:17:9:24 | endpoint | enclosingFunctionName | |
| test.js:10:9:10:16 | endpoint | Callee_AccessPath | f() |
| test.js:10:9:10:16 | endpoint | Input_ArgumentIndex | 0 |
| test.js:9:17:9:24 | endpoint | fileImports | foo |
| test.js:10:9:10:16 | endpoint | CalleeFlexibleAccessPath | f() |
| test.js:10:9:10:16 | endpoint | InputArgumentIndex | 0 |
| test.js:10:9:10:16 | endpoint | argumentIndex | 0 |
| test.js:10:9:10:16 | endpoint | calleeAccessPath | |
| test.js:10:9:10:16 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:10:9:10:16 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:10:9:10:16 | endpoint | enclosingFunctionName | |
| test.js:11:12:11:19 | endpoint | Callee_AccessPath | o.?.m |
| test.js:11:12:11:19 | endpoint | Input_ArgumentIndex | 0 |
| test.js:10:9:10:16 | endpoint | fileImports | foo |
| test.js:11:12:11:19 | endpoint | CalleeFlexibleAccessPath | o.?.m |
| test.js:11:12:11:19 | endpoint | InputArgumentIndex | 0 |
| test.js:11:12:11:19 | endpoint | argumentIndex | 0 |
| test.js:11:12:11:19 | endpoint | calleeAccessPath | |
| test.js:11:12:11:19 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:11:12:11:19 | endpoint | calleeName | m |
| test.js:11:12:11:19 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:11:12:11:19 | endpoint | enclosingFunctionName | |
| test.js:12:16:12:23 | endpoint | Callee_AccessPath | o.m.?.p.m |
| test.js:12:16:12:23 | endpoint | Input_ArgumentIndex | 0 |
| test.js:11:12:11:19 | endpoint | fileImports | foo |
| test.js:12:16:12:23 | endpoint | CalleeFlexibleAccessPath | o.m.?.p.m |
| test.js:12:16:12:23 | endpoint | InputArgumentIndex | 0 |
| test.js:12:16:12:23 | endpoint | argumentIndex | 0 |
| test.js:12:16:12:23 | endpoint | calleeAccessPath | |
| test.js:12:16:12:23 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:12:16:12:23 | endpoint | calleeName | m |
| test.js:12:16:12:23 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:12:16:12:23 | endpoint | enclosingFunctionName | |
| test.js:13:15:13:22 | endpoint | Callee_AccessPath | (await p) |
| test.js:13:15:13:22 | endpoint | Input_ArgumentIndex | 0 |
| test.js:12:16:12:23 | endpoint | fileImports | foo |
| test.js:13:15:13:22 | endpoint | CalleeFlexibleAccessPath | (await p) |
| test.js:13:15:13:22 | endpoint | InputArgumentIndex | 0 |
| test.js:13:15:13:22 | endpoint | argumentIndex | 0 |
| test.js:13:15:13:22 | endpoint | calleeAccessPath | |
| test.js:13:15:13:22 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:13:15:13:22 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:13:15:13:22 | endpoint | enclosingFunctionName | |
| test.js:14:27:14:34 | endpoint | Callee_AccessPath | import(!).bar.baz |
| test.js:14:27:14:34 | endpoint | Input_ArgumentIndex | 0 |
| test.js:13:15:13:22 | endpoint | fileImports | foo |
| test.js:14:27:14:34 | endpoint | CalleeFlexibleAccessPath | import(!).bar.baz |
| test.js:14:27:14:34 | endpoint | InputArgumentIndex | 0 |
| test.js:14:27:14:34 | endpoint | argumentIndex | 0 |
| test.js:14:27:14:34 | endpoint | calleeAccessPath | foo bar baz |
| test.js:14:27:14:34 | endpoint | calleeAccessPathWithStructuralInfo | foo member bar member baz instanceorreturn |
@@ -102,11 +115,13 @@
| test.js:14:27:14:34 | endpoint | calleeName | baz |
| test.js:14:27:14:34 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:14:27:14:34 | endpoint | enclosingFunctionName | |
| test.js:16:13:16:20 | endpoint | Callee_AccessPath | bar |
| test.js:16:13:16:20 | endpoint | Input_ArgumentIndex | 0 |
| test.js:14:27:14:34 | endpoint | fileImports | foo |
| test.js:16:13:16:20 | endpoint | CalleeFlexibleAccessPath | bar |
| test.js:16:13:16:20 | endpoint | InputArgumentIndex | 0 |
| test.js:16:13:16:20 | endpoint | argumentIndex | 0 |
| test.js:16:13:16:20 | endpoint | calleeAccessPath | |
| test.js:16:13:16:20 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:16:13:16:20 | endpoint | calleeName | bar |
| test.js:16:13:16:20 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:16:13:16:20 | endpoint | enclosingFunctionName | |
| test.js:16:13:16:20 | endpoint | fileImports | foo |