avoid extending the abstract LoopStmt class

2026-05-05 05:35:13 +02:00 · 2019-09-10 17:08:00 +01:00
parent 6bb9781466
commit 62d1f66fda
1 changed files with 11 additions and 13 deletions
--- a/javascript/ql/src/semmle/javascript/security/dataflow/TaintedLengthCustomizations.qll
+++ b/javascript/ql/src/semmle/javascript/security/dataflow/TaintedLengthCustomizations.qll
@@ -30,32 +30,30 @@ module TaintedLength {
  // Inspired by LoopIterationSkippedDueToShifting::ArrayIterationLoop
  // Added some Dataflow to the .length access.
  // Added support for while/dowhile loops.
-  class ArrayIterationLoop extends LoopStmt {
+  class ArrayIterationLoop extends Stmt {
    LocalVariable indexVariable;
+    LoopStmt loop;

    ArrayIterationLoop() {
+      this = loop and 
      exists(RelationalComparison compare, DataFlow::PropRead lengthRead |
-        compare = this.getTest() and
+        compare = loop.getTest() and
        compare.getLesserOperand() = indexVariable.getAnAccess() and
        lengthRead.accesses(_, "length") and
        lengthRead.flowsToExpr(compare.getGreaterOperand())
      ) and
      (
-        this.(ForStmt).getUpdate().(IncExpr).getOperand() = indexVariable.getAnAccess() or
-        this.getBody().getAChild*().(IncExpr).getOperand() = indexVariable.getAnAccess()
+        loop.(ForStmt).getUpdate().(IncExpr).getOperand() = indexVariable.getAnAccess() or
+        loop.getBody().getAChild*().(IncExpr).getOperand() = indexVariable.getAnAccess()
      )
    }

-    override Stmt getBody() {
-      result = this.(ForStmt).getBody() or
-      result = this.(WhileStmt).getBody() or
-      result = this.(DoWhileStmt).getBody()
+    Expr getTest() {
+      result = loop.getTest()
    }
-
-    override Expr getTest() {
-      result = this.(ForStmt).getTest() or
-      result = this.(WhileStmt).getTest() or
-      result = this.(DoWhileStmt).getTest()
+    
+    Stmt getBody() {
+      result = loop.getBody()   
    }

    /**