add taint step through the colors library

2026-04-30 19:26:02 +02:00 · 2021-06-22 22:55:15 +02:00
parent a21ebbbe8f
commit 626a653401
4 changed files with 48 additions and 23 deletions
--- a/javascript/ql/src/semmle/javascript/frameworks/Logging.qll
+++ b/javascript/ql/src/semmle/javascript/frameworks/Logging.qll
@@ -213,3 +213,18 @@ class AnsiColorsStep extends TaintTracking::SharedTaintStep {
    )
  }
 }
+
+/**
+ * A step through the [`colors`](https://npmjs.org/package/colors) library.
+ * This step ignores the `String.prototype` modifying part of the `colors` library.
+ */
+class ColorsStep extends TaintTracking::SharedTaintStep {
+  override predicate stringManipulationStep(DataFlow::Node pred, DataFlow::Node succ) {
+    exists(API::CallNode call |
+      call = API::moduleImport(["colors", "colors/safe"]).getAMember*().getACall()
+    |
+      pred = call.getArgument(0) and
+      succ = call
+    )
+  }
+}