Merge pull request #632 from asger-semmle/pseudo-random-bytes

JS: add crypto.pseudoRandomBytes as source in InsecureRandomness.ql
2026-04-29 10:45:15 +02:00 · 2018-12-13 08:14:40 +00:00
parent df42707050 4fc27aaa51
commit 54bb9d185f
4 changed files with 11 additions and 1 deletions
--- a/javascript/ql/src/semmle/javascript/security/dataflow/InsecureRandomness.qll
+++ b/javascript/ql/src/semmle/javascript/security/dataflow/InsecureRandomness.qll
@@ -68,7 +68,7 @@ module InsecureRandomness {
   * A simple random number generator that is not cryptographically secure.
   */
  class DefaultSource extends Source, DataFlow::ValueNode {
-    override CallExpr astNode;
+    override InvokeExpr astNode;

    DefaultSource() {
      exists(DataFlow::ModuleImportNode mod, string name | mod.getPath() = name |
@@ -98,6 +98,9 @@ module InsecureRandomness {
      or
      // (new require('chance')).<name>()
      this = DataFlow::moduleImport("chance").getAnInstantiation().getAMemberInvocation(_)
+      or
+      // require('crypto').pseudoRandomBytes()
+      this = DataFlow::moduleMember("crypto", "pseudoRandomBytes").getAnInvocation()
    }
  }