address review comments

Esben Sparre Andreasen
2022-04-01 14:33:30 +02:00
committed by Stephan Brandauer
parent 57041aad7c
commit 548f0286f3
8 changed files with 93 additions and 122 deletions


@@ -17,22 +17,7 @@ private string getTokenFeature(DataFlow::Node endpoint, string featureName) {
// Performance optimization: Restrict feature extraction to endpoints we've explicitly asked to featurize.
endpoint = any(FeaturizationConfig cfg).getAnEndpointToFeaturize() and
exists(EndpointFeature f | f.getName() = featureName and result = f.getValue(endpoint)) and
isVettedFeature(featureName)
}
predicate isVettedFeature(string featureName) {
// allowlist of vetted features that are permitted in production
featureName =
any(EndpointFeature f |
f instanceof EnclosingFunctionName or
f instanceof CalleeName or
f instanceof ReceiverName or
f instanceof ArgumentIndex or
f instanceof CalleeApiName or
f instanceof CalleeAccessPath or
f instanceof CalleeAccessPathWithStructuralInfo or
f instanceof EnclosingFunctionBody
).getName()
featureName = getASupportedFeatureName()
}
/**
@@ -206,7 +191,20 @@ private module FunctionNames {
}
/** Get a name of a supported generic token-based feature. */
string getASupportedFeatureName() { isVettedFeature(result) }
string getASupportedFeatureName() {
// allowlist of vetted features that are permitted in production
result =
any(EndpointFeature f |
f instanceof EnclosingFunctionName or
f instanceof CalleeName or
f instanceof ReceiverName or
f instanceof ArgumentIndex or
f instanceof CalleeApiName or
f instanceof CalleeAccessPath or
f instanceof CalleeAccessPathWithStructuralInfo or
f instanceof EnclosingFunctionBody
).getName()
}
/**
* Generic token-based features for ATM.
@@ -253,7 +251,7 @@ abstract class EndpointFeature extends TEndpointFeature {
*/
abstract string getValue(DataFlow::Node endpoint);
string toString() { result = getName() }
string toString() { result = this.getName() }
}
/**
@@ -456,7 +454,7 @@ private module SyntacticUtilities {
w.getRhs() = node and
result = getSimpleParameterAccessPath(w.getBase()) + "." + getPropertyNameOrUnknown(w)
)
else result = "?"
else result = getUnknownSymbol()
}
/**
@@ -497,10 +495,12 @@ private module SyntacticUtilities {
if node instanceof DataFlow::InvokeNode
then
result = getSimpleAccessPath(node.(DataFlow::InvokeNode).getCalleeNode()) + "()"
else result = "?"
else result = getUnknownSymbol()
)
}
string getUnknownSymbol() { result = "?" }
/**
* Gets the imported path.
*
@@ -514,15 +514,17 @@ private module SyntacticUtilities {
exists(string p | p = i.getImportedPath().getValue() |
if p.matches(".%") then result = "\"p\"" else result = "!" // hide absolute imports from the ML training
)
else result = "?"
else result = getUnknownSymbol()
}
}
/**
* Gets the property name of a property reference or `?` if it is unknown.
*/
string getPropertyNameOrUnknown(DataFlow::PropRef ref) {
if exists(ref.getPropertyName()) then result = ref.getPropertyName() else result = "?"
/**
* Gets the property name of a property reference or `?` if it is unknown.
*/
string getPropertyNameOrUnknown(DataFlow::PropRef ref) {
if exists(ref.getPropertyName())
then result = ref.getPropertyName()
else result = getUnknownSymbol()
}
}
/**
@@ -537,11 +539,9 @@ class Callee_AccessPath extends EndpointFeature, TCallee_AccessPath {
override string getValue(DataFlow::Node endpoint) {
exists(DataFlow::InvokeNode invk |
exists(string path |
path = SyntacticUtilities::getSimpleAccessPath(invk.getCalleeNode()) and
// collapse the unknown path to the empty string, as is convention for old features
if path = "?" then result = "" else result = path
) and
result = SyntacticUtilities::getSimpleAccessPath(invk.getCalleeNode()) and
// ignore the unknown path
not result = SyntacticUtilities::getUnknownSymbol() and
(
invk.getAnArgument() = endpoint or
SyntacticUtilities::getANestedInitializerValue(invk.getAnArgument()
@@ -586,7 +586,7 @@ class Input_ArgumentIndexAndAccessPathFromCallee extends EndpointFeature,
class Input_AccessPathFromCallee extends EndpointFeature, TInput_AccessPathFromCallee {
override string getName() { result = "Input_AccessPathFromCallee" }
private string getValueMaybe(DataFlow::Node endpoint) {
override string getValue(DataFlow::Node endpoint) {
exists(DataFlow::InvokeNode invk |
result = SyntacticUtilities::getSimpleParameterAccessPath(endpoint) and
SyntacticUtilities::getANestedInitializerValue(invk.getAnArgument()
@@ -594,12 +594,6 @@ class Input_AccessPathFromCallee extends EndpointFeature, TInput_AccessPathFromC
.getUnderlyingValue()).flow() = endpoint
)
}
override string getValue(DataFlow::Node endpoint) {
if exists(this.getValueMaybe(endpoint))
then result = this.getValueMaybe(endpoint)
else result = ""
}
}
/**
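Review bot: Unknown access paths are now treated differently per feature: `Callee_AccessPath.getValue` drops a result equal to `SyntacticUtilities::getUnknownSymbol()`, while the rewritten `Input_AccessPathFromCallee.getValue` returns `getSimpleParameterAccessPath(endpoint)` unfiltered, and that helper appears to fall back to the same symbol. The filter is also an exact match, so partially unknown paths such as `o.?.m` in the expected output still come through. Since these values feed the endpoint scoring, I would either add `not result = SyntacticUtilities::getUnknownSymbol()` to the second predicate as well, or say in its QLDoc that both `?` and a missing value are expected. `getUnknownSymbol()` would also benefit from a one-line QLDoc such as `/** Gets the placeholder used for an unknown access path component. */`. Both class bodies continue outside the hunks shown.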


@@ -1,3 +0,0 @@
| calleeApiName |
| enclosingFunctionBody |
| enclosingFunctionName |


@@ -1,5 +1,6 @@
import javascript
import experimental.adaptivethreatmodeling.EndpointFeatures
import experimental.adaptivethreatmodeling.FeaturizationConfig
import TestUtil
// every feature must produce a value for at least one endpoint, otherwise the feature is completely broken, or a relevant test example is missing


@@ -1,5 +1,4 @@
| test.html:2:61:2:68 | endpoint | Callee_AccessPath | $event.target.files.item |
| test.html:2:61:2:68 | endpoint | Input_AccessPathFromCallee | |
| test.html:2:61:2:68 | endpoint | Input_ArgumentIndex | 0 |
| test.html:2:61:2:68 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0 |
| test.html:2:61:2:68 | endpoint | argumentIndex | 0 |
@@ -7,33 +6,39 @@
| test.html:2:61:2:68 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.html:2:61:2:68 | endpoint | calleeName | item |
| test.js:2:7:2:14 | endpoint | Callee_AccessPath | f |
| test.js:2:7:2:14 | endpoint | Input_AccessPathFromCallee | |
| test.js:2:7:2:14 | endpoint | Input_ArgumentIndex | 0 |
| test.js:2:7:2:14 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0 |
| test.js:2:7:2:14 | endpoint | argumentIndex | 0 |
| test.js:2:7:2:14 | endpoint | calleeAccessPath | |
| test.js:2:7:2:14 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:2:7:2:14 | endpoint | calleeName | f |
| test.js:2:7:2:14 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:2:7:2:14 | endpoint | enclosingFunctionName | |
| test.js:3:11:3:18 | endpoint | Callee_AccessPath | f |
| test.js:3:11:3:18 | endpoint | Input_AccessPathFromCallee | 0.p |
| test.js:3:11:3:18 | endpoint | Input_ArgumentIndex | 0 |
| test.js:3:11:3:18 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0.p |
| test.js:3:11:3:18 | endpoint | calleeAccessPath | |
| test.js:3:11:3:18 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:3:11:3:18 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:3:11:3:18 | endpoint | enclosingFunctionName | |
| test.js:4:15:4:22 | endpoint | Callee_AccessPath | f |
| test.js:4:15:4:22 | endpoint | Input_AccessPathFromCallee | 0.p.q |
| test.js:4:15:4:22 | endpoint | Input_ArgumentIndex | 0 |
| test.js:4:15:4:22 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0.p.q |
| test.js:4:15:4:22 | endpoint | calleeAccessPath | |
| test.js:4:15:4:22 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:4:15:4:22 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:4:15:4:22 | endpoint | enclosingFunctionName | |
| test.js:5:9:5:16 | endpoint | Callee_AccessPath | o.m |
| test.js:5:9:5:16 | endpoint | Input_AccessPathFromCallee | |
| test.js:5:9:5:16 | endpoint | Input_ArgumentIndex | 0 |
| test.js:5:9:5:16 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0 |
| test.js:5:9:5:16 | endpoint | argumentIndex | 0 |
| test.js:5:9:5:16 | endpoint | calleeAccessPath | |
| test.js:5:9:5:16 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:5:9:5:16 | endpoint | calleeName | m |
| test.js:5:9:5:16 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:5:9:5:16 | endpoint | enclosingFunctionName | |
| test.js:5:9:5:16 | endpoint | receiverName | o |
| test.js:6:13:6:20 | endpoint | Callee_AccessPath | o.m |
| test.js:6:13:6:20 | endpoint | Input_AccessPathFromCallee | 0.p |
@@ -41,53 +46,82 @@
| test.js:6:13:6:20 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0.p |
| test.js:6:13:6:20 | endpoint | calleeAccessPath | |
| test.js:6:13:6:20 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:6:13:6:20 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:6:13:6:20 | endpoint | enclosingFunctionName | |
| test.js:7:17:7:24 | endpoint | Callee_AccessPath | o.m |
| test.js:7:17:7:24 | endpoint | Input_AccessPathFromCallee | 0.p.q |
| test.js:7:17:7:24 | endpoint | Input_ArgumentIndex | 0 |
| test.js:7:17:7:24 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0.p.q |
| test.js:7:17:7:24 | endpoint | calleeAccessPath | |
| test.js:7:17:7:24 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:7:17:7:24 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:7:17:7:24 | endpoint | enclosingFunctionName | |
| test.js:8:11:8:18 | endpoint | Callee_AccessPath | F |
| test.js:8:11:8:18 | endpoint | Input_AccessPathFromCallee | |
| test.js:8:11:8:18 | endpoint | Input_ArgumentIndex | 0 |
| test.js:8:11:8:18 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | ? |
| test.js:8:11:8:18 | endpoint | calleeAccessPath | |
| test.js:8:11:8:18 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:8:11:8:18 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:8:11:8:18 | endpoint | enclosingFunctionName | |
| test.js:9:17:9:24 | endpoint | Callee_AccessPath | o.m().m().m |
| test.js:9:17:9:24 | endpoint | Input_AccessPathFromCallee | |
| test.js:9:17:9:24 | endpoint | Input_ArgumentIndex | 0 |
| test.js:9:17:9:24 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0 |
| test.js:9:17:9:24 | endpoint | argumentIndex | 0 |
| test.js:9:17:9:24 | endpoint | calleeAccessPath | |
| test.js:9:17:9:24 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:9:17:9:24 | endpoint | calleeName | m |
| test.js:9:17:9:24 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:9:17:9:24 | endpoint | enclosingFunctionName | |
| test.js:10:9:10:16 | endpoint | Callee_AccessPath | f() |
| test.js:10:9:10:16 | endpoint | Input_AccessPathFromCallee | |
| test.js:10:9:10:16 | endpoint | Input_ArgumentIndex | 0 |
| test.js:10:9:10:16 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0 |
| test.js:10:9:10:16 | endpoint | argumentIndex | 0 |
| test.js:10:9:10:16 | endpoint | calleeAccessPath | |
| test.js:10:9:10:16 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:10:9:10:16 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:10:9:10:16 | endpoint | enclosingFunctionName | |
| test.js:11:12:11:19 | endpoint | Callee_AccessPath | o.?.m |
| test.js:11:12:11:19 | endpoint | Input_AccessPathFromCallee | |
| test.js:11:12:11:19 | endpoint | Input_ArgumentIndex | 0 |
| test.js:11:12:11:19 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0 |
| test.js:11:12:11:19 | endpoint | argumentIndex | 0 |
| test.js:11:12:11:19 | endpoint | calleeAccessPath | |
| test.js:11:12:11:19 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:11:12:11:19 | endpoint | calleeName | m |
| test.js:11:12:11:19 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:11:12:11:19 | endpoint | enclosingFunctionName | |
| test.js:12:16:12:23 | endpoint | Callee_AccessPath | o.m.?.p.m |
| test.js:12:16:12:23 | endpoint | Input_AccessPathFromCallee | |
| test.js:12:16:12:23 | endpoint | Input_ArgumentIndex | 0 |
| test.js:12:16:12:23 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0 |
| test.js:12:16:12:23 | endpoint | argumentIndex | 0 |
| test.js:12:16:12:23 | endpoint | calleeAccessPath | |
| test.js:12:16:12:23 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:12:16:12:23 | endpoint | calleeName | m |
| test.js:12:16:12:23 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:12:16:12:23 | endpoint | enclosingFunctionName | |
| test.js:13:15:13:22 | endpoint | Callee_AccessPath | (await p) |
| test.js:13:15:13:22 | endpoint | Input_AccessPathFromCallee | |
| test.js:13:15:13:22 | endpoint | Input_ArgumentIndex | 0 |
| test.js:13:15:13:22 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0 |
| test.js:13:15:13:22 | endpoint | argumentIndex | 0 |
| test.js:13:15:13:22 | endpoint | calleeAccessPath | |
| test.js:13:15:13:22 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:13:15:13:22 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:13:15:13:22 | endpoint | enclosingFunctionName | |
| test.js:14:27:14:34 | endpoint | Callee_AccessPath | import(!).bar.baz |
| test.js:14:27:14:34 | endpoint | Input_ArgumentIndex | 0 |
| test.js:14:27:14:34 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0 |
| test.js:14:27:14:34 | endpoint | argumentIndex | 0 |
| test.js:14:27:14:34 | endpoint | calleeAccessPath | foo bar baz |
| test.js:14:27:14:34 | endpoint | calleeAccessPathWithStructuralInfo | foo member bar member baz instanceorreturn |
| test.js:14:27:14:34 | endpoint | calleeApiName | foo |
| test.js:14:27:14:34 | endpoint | calleeName | baz |
| test.js:14:27:14:34 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:14:27:14:34 | endpoint | enclosingFunctionName | |
| test.js:16:13:16:20 | endpoint | Callee_AccessPath | bar |
| test.js:16:13:16:20 | endpoint | Input_ArgumentIndex | 0 |
| test.js:16:13:16:20 | endpoint | Input_ArgumentIndexAndAccessPathFromCallee | 0 |
| test.js:16:13:16:20 | endpoint | argumentIndex | 0 |
| test.js:16:13:16:20 | endpoint | calleeAccessPath | |
| test.js:16:13:16:20 | endpoint | calleeAccessPathWithStructuralInfo | |
| test.js:16:13:16:20 | endpoint | calleeName | bar |
| test.js:16:13:16:20 | endpoint | enclosingFunctionBody | f endpoint f p endpoint f p q endpoint o m endpoint o m p endpoint o m p q endpoint F endpoint o m m m endpoint f endpoint o x m endpoint o m x p m endpoint p endpoint foo bar baz endpoint foo bar endpoint |
| test.js:16:13:16:20 | endpoint | enclosingFunctionName | |


@@ -1,63 +0,0 @@
| test.html:2:61:2:68 | endpoint | calleeApiName |
| test.html:2:61:2:68 | endpoint | enclosingFunctionBody |
| test.html:2:61:2:68 | endpoint | enclosingFunctionName |
| test.html:2:61:2:68 | endpoint | receiverName |
| test.js:2:7:2:14 | endpoint | calleeApiName |
| test.js:2:7:2:14 | endpoint | enclosingFunctionBody |
| test.js:2:7:2:14 | endpoint | enclosingFunctionName |
| test.js:2:7:2:14 | endpoint | receiverName |
| test.js:3:11:3:18 | endpoint | argumentIndex |
| test.js:3:11:3:18 | endpoint | calleeApiName |
| test.js:3:11:3:18 | endpoint | calleeName |
| test.js:3:11:3:18 | endpoint | enclosingFunctionBody |
| test.js:3:11:3:18 | endpoint | enclosingFunctionName |
| test.js:3:11:3:18 | endpoint | receiverName |
| test.js:4:15:4:22 | endpoint | argumentIndex |
| test.js:4:15:4:22 | endpoint | calleeApiName |
| test.js:4:15:4:22 | endpoint | calleeName |
| test.js:4:15:4:22 | endpoint | enclosingFunctionBody |
| test.js:4:15:4:22 | endpoint | enclosingFunctionName |
| test.js:4:15:4:22 | endpoint | receiverName |
| test.js:5:9:5:16 | endpoint | calleeApiName |
| test.js:5:9:5:16 | endpoint | enclosingFunctionBody |
| test.js:5:9:5:16 | endpoint | enclosingFunctionName |
| test.js:6:13:6:20 | endpoint | argumentIndex |
| test.js:6:13:6:20 | endpoint | calleeApiName |
| test.js:6:13:6:20 | endpoint | calleeName |
| test.js:6:13:6:20 | endpoint | enclosingFunctionBody |
| test.js:6:13:6:20 | endpoint | enclosingFunctionName |
| test.js:6:13:6:20 | endpoint | receiverName |
| test.js:7:17:7:24 | endpoint | argumentIndex |
| test.js:7:17:7:24 | endpoint | calleeApiName |
| test.js:7:17:7:24 | endpoint | calleeName |
| test.js:7:17:7:24 | endpoint | enclosingFunctionBody |
| test.js:7:17:7:24 | endpoint | enclosingFunctionName |
| test.js:7:17:7:24 | endpoint | receiverName |
| test.js:8:11:8:18 | endpoint | argumentIndex |
| test.js:8:11:8:18 | endpoint | calleeApiName |
| test.js:8:11:8:18 | endpoint | calleeName |
| test.js:8:11:8:18 | endpoint | enclosingFunctionBody |
| test.js:8:11:8:18 | endpoint | enclosingFunctionName |
| test.js:8:11:8:18 | endpoint | receiverName |
| test.js:9:17:9:24 | endpoint | calleeApiName |
| test.js:9:17:9:24 | endpoint | enclosingFunctionBody |
| test.js:9:17:9:24 | endpoint | enclosingFunctionName |
| test.js:9:17:9:24 | endpoint | receiverName |
| test.js:10:9:10:16 | endpoint | calleeApiName |
| test.js:10:9:10:16 | endpoint | calleeName |
| test.js:10:9:10:16 | endpoint | enclosingFunctionBody |
| test.js:10:9:10:16 | endpoint | enclosingFunctionName |
| test.js:10:9:10:16 | endpoint | receiverName |
| test.js:11:12:11:19 | endpoint | calleeApiName |
| test.js:11:12:11:19 | endpoint | enclosingFunctionBody |
| test.js:11:12:11:19 | endpoint | enclosingFunctionName |
| test.js:11:12:11:19 | endpoint | receiverName |
| test.js:12:16:12:23 | endpoint | calleeApiName |
| test.js:12:16:12:23 | endpoint | enclosingFunctionBody |
| test.js:12:16:12:23 | endpoint | enclosingFunctionName |
| test.js:12:16:12:23 | endpoint | receiverName |
| test.js:13:15:13:22 | endpoint | calleeApiName |
| test.js:13:15:13:22 | endpoint | calleeName |
| test.js:13:15:13:22 | endpoint | enclosingFunctionBody |
| test.js:13:15:13:22 | endpoint | enclosingFunctionName |
| test.js:13:15:13:22 | endpoint | receiverName |


@@ -1,8 +0,0 @@
import javascript
import experimental.adaptivethreatmodeling.EndpointFeatures
import TestUtil
// every feature should produce a value for all endpoints
from EndpointFeature feature, Endpoint endpoint
where not exists(feature.getValue(endpoint))
select endpoint, feature.getName()


@@ -1,4 +1,16 @@
import javascript
import experimental.adaptivethreatmodeling.FeaturizationConfig
/**
* A featurization config that featurizes all endpoints.
*
* Ideally this should not be in here, but it is needed for EnclosingFunctionName and EnclosingFunctionBody due to performance considerations :(.
*/
class NoRestrictionsFeaturizationConfig extends FeaturizationConfig {
NoRestrictionsFeaturizationConfig() { this = "NoRestrictionsFeaturization" }
override DataFlow::Node getAnEndpointToFeaturize() { any() }
}
class Endpoint extends DataFlow::Node {
Endpoint() { this.asExpr().(VarAccess).getName() = "endpoint" }
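Review bot: `NoRestrictionsFeaturizationConfig` presumably lifts the endpoint restriction in `getTokenFeature` for every query that imports TestUtil, because `getAnEndpointToFeaturize()` holds for `any()` node. If the features only need the test endpoints themselves, `override DataFlow::Node getAnEndpointToFeaturize() { result instanceof Endpoint }` would keep the tests closer to how a real config narrows the set; I have not checked whether EnclosingFunctionName and EnclosingFunctionBody still produce values with that. Otherwise the QLDoc could say plainly that importing this file enables featurization of all nodes, in place of `Ideally this should not be in here`. The `Endpoint` class continues past the end of the hunk.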


@@ -11,4 +11,8 @@
o[x].m(endpoint);
o.m[x].p.m(endpoint);
(await p)(endpoint);
import("foo").bar.baz(endpoint);
function foo() {
bar(endpoint);
}
});