hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

remove redundant code

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2019-11-15 16:17:18 +01:00
parent d36312cf9f
commit 4073dfaf24
2 changed files with 8 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
javascript/ql/src/semmle/javascript/security/dataflow/ExceptionXss.qll
View File

@@ -14,29 +14,21 @@ module ExceptionXss {
import Xss::StoredXss as StoredXss
import Xss as XSS
DataFlow::ExceptionalInvocationReturnNode getCallerExceptionalReturn(DataFlow::FunctionNode func) {
DataFlow::ExceptionalInvocationReturnNode getCallerExceptionalReturn(Function func) {
exists(DataFlow::InvokeNode call |
not call.isImprecise() and
func.getFunction() = call.(DataFlow::InvokeNode).getACallee() and
func = call.(DataFlow::InvokeNode).getACallee() and
result = call.getExceptionalReturn()
)
}
DataFlow::Node getExceptionalSuccssor(DataFlow::Node pred) {
exists(DataFlow::FunctionNode func |
pred.getContainer() = func.getFunction() and
if exists(getEnclosingTryStmt(pred.asExpr().getEnclosingStmt()))
then
result.(DataFlow::ParameterNode).getParameter() = getEnclosingTryStmt(pred
.asExpr()
.getEnclosingStmt()).getACatchClause().getAParameter()
else result = getCallerExceptionalReturn(func)
)
or
exists(DataFlow::InvokeNode call |
pred = call.getExceptionalReturn() and
result = getExceptionalSuccssor(call)
)
if exists(getEnclosingTryStmt(pred.asExpr().getEnclosingStmt()))
then
result.(DataFlow::ParameterNode).getParameter() = getEnclosingTryStmt(pred
.asExpr()
.getEnclosingStmt()).getACatchClause().getAParameter()
else result = getCallerExceptionalReturn(pred.getContainer())
}
predicate canThrowSensitiveInformation(DataFlow::Node node) {