mirror of
https://github.com/github/codeql.git
synced 2026-04-22 07:15:15 +02:00
JS: Add clarifying comment
This commit is contained in:
@@ -866,6 +866,14 @@ module API {
|
||||
.getAReturn()
|
||||
)
|
||||
or
|
||||
// Handle rest parameters escaping into external code. For example:
|
||||
//
|
||||
// function foo(...rest) {
|
||||
// externalFunc(rest);
|
||||
// }
|
||||
//
|
||||
// Here, 'rest' reaches a def-node at the call to externalFunc, so we need to ensure
|
||||
// the arguments passed to 'foo' are stored in the 'rest' array.
|
||||
exists(Function fun, DataFlow::InvokeNode invoke, int argIndex, Parameter rest |
|
||||
fun.getRestParameter() = rest and
|
||||
rest.flow() = pred and
|
||||
|
||||
Reference in New Issue
Block a user