hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 01:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Add initial file threat-model support

Browse Source 
However, as indicated by the `MISSING` annotations, we could do better.
This commit is contained in:
Rasmus Wriedt Larsen
2024-10-29 15:10:50 +01:00
parent 3656864695
commit 2b6c27eb60
2 changed files with 47 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
javascript/ql/lib/semmle/javascript/Concepts.qll
View File

@@ -122,6 +122,19 @@ abstract class FileSystemReadAccess extends FileSystemAccess {
abstract DataFlow::Node getADataNode();
}
/**
* A FileSystemReadAccess seen as a ThreatModelSource.
*/
private class FileSystemReadAccessAsThreatModelSource extends ThreatModelSource::Range {
FileSystemReadAccessAsThreatModelSource() {
this = any(FileSystemReadAccess access).getADataNode()
}
override string getThreatModel() { result = "file" }
override string getSourceType() { result = "FileSystemReadAccess" }
}
/**
* A data flow node that writes data to the file system.
*/

34
javascript/ql/test/library-tests/threat-models/sources/sources.js
View File

@@ -55,3 +55,37 @@ connection.query('SELECT 1 + 1 AS solution', function (error, results, fields) {
SINK(results[0]); // $ hasFlow
SINK(results[0].solution); // $ hasFlow
});
// ------ reading from file ------
// Accessing file contents using fs
const fs = require('fs');
fs.readFile('file.txt', 'utf8', (err, data) => { // $ MISSING: threat-source=file
SINK(data); // $ MISSING: hasFlow
});
// Accessing file contents using fs.readFileSync
const fileContent = fs.readFileSync('file.txt', 'utf8'); // $ threat-source=file
SINK(fileContent); // $ hasFlow
// Accessing file contents using fs.promises
fs.promises.readFile('file.txt', 'utf8').then((data) => { // $ MISSING: threat-source=file
SINK(data); // $ MISSING: hasFlow
});
// Accessing file contents using fs.createReadStream
const readStream = fs.createReadStream('file.txt');
readStream.on('data', (chunk) => { // $ threat-source=file
SINK(chunk); // $ hasFlow
});
const data = readStream.read(); // $ threat-source=file
SINK(data); // $ hasFlow
// using readline
const readline = require('readline');
const rl_file = readline.createInterface({
input: fs.createReadStream('file.txt') // $ MISSING: threat-source=file
});
rl_file.on("line", (line) => {
SINK(line); // $ MISSING: hasFlow
});