Apply suggestions from code review

Co-authored-by: Asger F <asgerf@github.com>
2025-12-24 04:36:35 +01:00 · 2023-06-26 13:27:23 +02:00
parent 08b9a5e2b2
commit 5bd044211e
1 changed files with 8 additions and 8 deletions
--- a/javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
+++ b/javascript/ql/lib/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
@@ -316,7 +316,7 @@ module CodeInjection {
   * A value interpreted as code by the `webix` library.
   */
  class WebixExec extends Sink {
-    WebixExec() { this = DataFlow::moduleImport("webix").getAMemberCall("exec").getArgument(0) }
+    WebixExec() { this = API::moduleImport("webix").getMember("exec").getParameter(0).asSink() }
  }

  /** A sink for code injection via template injection. */
@@ -431,15 +431,15 @@ module CodeInjection {
   */
  class WebixTemplateSink extends TemplateSink {
    WebixTemplateSink() {
-      this = DataFlow::moduleImport("webix").getAMemberCall("ui").getOptionArgument(0, "template")
+      this = API::moduleImport("webix").getMember("ui").getParameter(0).getMember("template").asSink()
      or
      this.asExpr() =
-        DataFlow::moduleImport("webix")
-            .getAMemberCall("ui")
-            .getOptionArgument(0, "template")
-            .asExpr()
-            .(Function)
-            .getAReturnedExpr()
+        API::moduleImport("webix")
+            .getMember("ui")
+            .getParameter(0)
+            .getMember("template")
+            .getReturn()
+            .asSink()
    }
  }