Update ElectronShellOpenExternalSink location

Move the class ElectronShellOpenExternalSink to ClientSideUrlRedirect.qll. It's been to be a more appropriate location.
2026-04-28 10:15:14 +02:00 · 2020-10-23 17:39:03 +02:00
parent e87790b828
commit 3ccdc2c518
2 changed files with 12 additions and 12 deletions
--- a/javascript/ql/src/semmle/javascript/security/dataflow/ClientSideUrlRedirect.qll
+++ b/javascript/ql/src/semmle/javascript/security/dataflow/ClientSideUrlRedirect.qll
@@ -60,4 +60,15 @@ module ClientSideUrlRedirect {
      guard instanceof HostnameSanitizerGuard
    }
  }
+
+  /**
+   * Improper use of openExternal can be leveraged to compromise the user's host.
+   * When openExternal is used with untrusted content, it can be leveraged to execute arbitrary commands.
+   */
+  class ElectronShellOpenExternalSink extends Sink {
+    ElectronShellOpenExternalSink() {
+      this =
+        DataFlow::moduleMember("electron", "shell").getAMemberCall("openExternal").getArgument(0)
+    }
+  }
 }
--- a/javascript/ql/src/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
+++ b/javascript/ql/src/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
@@ -138,15 +138,4 @@ module CodeInjection {
        API::moduleImport("module").getInstance().getMember("_compile").getACall().getArgument(0)
    }
  }
-
-  /**
-   * Improper use of openExternal can be leveraged to compromise the user's host.
-   * When openExternal is used with untrusted content, it can be leveraged to execute arbitrary commands.
-   */
-  class ElectronShellOpenExternalSink extends Sink {
-    ElectronShellOpenExternalSink() {
-      this =
-        DataFlow::moduleMember("electron", "shell").getAMemberCall("openExternal").getArgument(0)
-    }
-  }
-}
+}