mirror of
https://github.com/github/codeql.git
synced 2026-04-30 03:05:15 +02:00
JS: Move AdditionalPartialInvokeNode to Nodes.qll
This commit is contained in:
Asger F
@@ -432,18 +432,6 @@ abstract class AdditionalSink extends DataFlow::Node {
|
||||
predicate isSinkFor(Configuration cfg, FlowLabel lbl) { none() }
|
||||
}
|
||||
|
||||
/**
|
||||
* An invocation that is modeled as a partial function application.
|
||||
*
|
||||
* This contributes additional argument-passing flow edges that should be added to all data flow configurations.
|
||||
*/
|
||||
abstract class AdditionalPartialInvokeNode extends DataFlow::InvokeNode {
|
||||
/**
|
||||
* Holds if `argument` is passed as argument `index` to the function in `callback`.
|
||||
*/
|
||||
abstract predicate isPartialArgument(DataFlow::Node callback, DataFlow::Node argument, int index);
|
||||
}
|
||||
|
||||
/**
|
||||
* Additional flow step to model flow from import specifiers into the SSA variable
|
||||
* corresponding to the imported variable.
|
||||
@@ -457,45 +445,6 @@ private class FlowStepThroughImport extends AdditionalFlowStep, DataFlow::ValueN
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A partial call through the built-in `Function.prototype.bind`.
|
||||
*/
|
||||
private class BindPartialCall extends AdditionalPartialInvokeNode, DataFlow::MethodCallNode {
|
||||
BindPartialCall() { getMethodName() = "bind" }
|
||||
|
||||
override predicate isPartialArgument(DataFlow::Node callback, DataFlow::Node argument, int index) {
|
||||
callback = getReceiver() and
|
||||
argument = getArgument(index + 1)
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A partial call through `_.partial`.
|
||||
*/
|
||||
private class LodashPartialCall extends AdditionalPartialInvokeNode {
|
||||
LodashPartialCall() { this = LodashUnderscore::member("partial").getACall() }
|
||||
|
||||
override predicate isPartialArgument(DataFlow::Node callback, DataFlow::Node argument, int index) {
|
||||
callback = getArgument(0) and
|
||||
argument = getArgument(index + 1)
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A partial call through `ramda.partial`.
|
||||
*/
|
||||
private class RamdaPartialCall extends AdditionalPartialInvokeNode {
|
||||
RamdaPartialCall() { this = DataFlow::moduleMember("ramda", "partial").getACall() }
|
||||
|
||||
override predicate isPartialArgument(DataFlow::Node callback, DataFlow::Node argument, int index) {
|
||||
callback = getArgument(0) and
|
||||
exists(DataFlow::ArrayCreationNode array |
|
||||
array.flowsTo(getArgument(1)) and
|
||||
argument = array.getElement(index)
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Holds if there is a flow step from `pred` to `succ` described by `summary`
|
||||
* under configuration `cfg`.
|
||||
|
||||
@@ -964,3 +964,60 @@ module ClassNode {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* An invocation that is modeled as a partial function application.
|
||||
*
|
||||
* This contributes additional argument-passing flow edges that should be added to all data flow configurations.
|
||||
*/
|
||||
abstract class AdditionalPartialInvokeNode extends DataFlow::InvokeNode {
|
||||
/**
|
||||
* Holds if `argument` is passed as argument `index` to the function in `callback`.
|
||||
*/
|
||||
abstract predicate isPartialArgument(DataFlow::Node callback, DataFlow::Node argument, int index);
|
||||
|
||||
/** Gets the data flow node referring to the bound function, if such a node exists. */
|
||||
DataFlow::SourceNode getBoundFunction(int boundArgs) { none() }
|
||||
}
|
||||
|
||||
/**
|
||||
* A partial call through the built-in `Function.prototype.bind`.
|
||||
*/
|
||||
private class BindPartialCall extends AdditionalPartialInvokeNode, DataFlow::MethodCallNode {
|
||||
BindPartialCall() { getMethodName() = "bind" }
|
||||
|
||||
override predicate isPartialArgument(DataFlow::Node callback, DataFlow::Node argument, int index) {
|
||||
index >= 0 and
|
||||
callback = getReceiver() and
|
||||
argument = getArgument(index + 1)
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A partial call through `_.partial`.
|
||||
*/
|
||||
private class LodashPartialCall extends AdditionalPartialInvokeNode {
|
||||
LodashPartialCall() { this = LodashUnderscore::member("partial").getACall() }
|
||||
|
||||
override predicate isPartialArgument(DataFlow::Node callback, DataFlow::Node argument, int index) {
|
||||
index >= 0 and
|
||||
callback = getArgument(0) and
|
||||
argument = getArgument(index + 1)
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* A partial call through `ramda.partial`.
|
||||
*/
|
||||
private class RamdaPartialCall extends AdditionalPartialInvokeNode {
|
||||
RamdaPartialCall() { this = DataFlow::moduleMember("ramda", "partial").getACall() }
|
||||
|
||||
private DataFlow::ArrayCreationNode getArgumentsArray() {
|
||||
result.flowsTo(getArgument(1))
|
||||
}
|
||||
|
||||
override predicate isPartialArgument(DataFlow::Node callback, DataFlow::Node argument, int index) {
|
||||
callback = getArgument(0) and
|
||||
argument = getArgumentsArray().getElement(index)
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user