hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Autoformat

Browse Source
This commit is contained in:
Asger Feldthaus
2021-08-02 11:42:08 +02:00
parent 4f4f524937
commit 65b44248f8
8 changed files with 70 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
javascript/ql/src/semmle/javascript/Expr.qll
View File

@@ -2894,9 +2894,7 @@ class ImportMetaExpr extends @import_meta_expr, Expr {
*/
class GeneratedCodeExpr extends @generated_code_expr, Expr {
/** Gets the placeholder tag that was parsed as an expression. */
Templating::TemplatePlaceholderTag getPlaceholderTag() {
this = result.getEnclosingExpr()
}
Templating::TemplatePlaceholderTag getPlaceholderTag() { this = result.getEnclosingExpr() }
override string getAPrimaryQlClass() { result = "GeneratedCodeExpr" }
}

20
javascript/ql/src/semmle/javascript/frameworks/Fastify.qll
View File

@@ -295,24 +295,14 @@ module Fastify {
* Assumes the presense of a plugin that provides the `view` method, such as the `point-of-view` plugin.
*/
private class ViewCall extends Templating::TemplateInstantiaton::Range, DataFlow::CallNode {
ViewCall() {
this = any(ReplySource rep).ref().getAMethodCall("view")
}
ViewCall() { this = any(ReplySource rep).ref().getAMethodCall("view") }
override DataFlow::SourceNode getOutput() {
result = getCallback(2).getParameter(1)
}
override DataFlow::SourceNode getOutput() { result = getCallback(2).getParameter(1) }
override DataFlow::Node getTemplateFileNode() {
result = getArgument(0)
}
override DataFlow::Node getTemplateFileNode() { result = getArgument(0) }
override DataFlow::Node getTemplateContentNode() {
none()
}
override DataFlow::Node getTemplateContentNode() { none() }
override DataFlow::Node getTemplateParamsNode() {
result = getArgument(1)
}
override DataFlow::Node getTemplateParamsNode() { result = getArgument(1) }
}
}

24
javascript/ql/src/semmle/javascript/frameworks/Hapi.qll
View File

@@ -41,9 +41,7 @@ module Hapi {
/**
* Gets a source node referring to the request toolkit parameter, usually named `h`.
*/
DataFlow::SourceNode getRequestToolkit() {
result = getRequestToolkitParameter().flow()
}
DataFlow::SourceNode getRequestToolkit() { result = getRequestToolkitParameter().flow() }
}
/**
@@ -255,24 +253,14 @@ module Hapi {
* A call to `h.view('file', { ... })` seen as a template instantiation.
*/
private class ViewCall extends Templating::TemplateInstantiaton::Range, DataFlow::CallNode {
ViewCall() {
this = any(RouteHandler rh).getRequestToolkit().getAMethodCall("view")
}
ViewCall() { this = any(RouteHandler rh).getRequestToolkit().getAMethodCall("view") }
override DataFlow::SourceNode getOutput() {
none()
}
override DataFlow::SourceNode getOutput() { none() }
override DataFlow::Node getTemplateFileNode() {
result = getArgument(0)
}
override DataFlow::Node getTemplateFileNode() { result = getArgument(0) }
override DataFlow::Node getTemplateContentNode() {
none()
}
override DataFlow::Node getTemplateContentNode() { none() }
override DataFlow::Node getTemplateParamsNode() {
result = getArgument(1)
}
override DataFlow::Node getTemplateParamsNode() { result = getArgument(1) }
}
}

20
javascript/ql/src/semmle/javascript/frameworks/Koa.qll
View File

@@ -122,9 +122,7 @@ module Koa {
}
/** Gets a source node that refers to this context object. */
DataFlow::SourceNode ref() {
result = ref(DataFlow::TypeTracker::end())
}
DataFlow::SourceNode ref() { result = ref(DataFlow::TypeTracker::end()) }
}
/**
@@ -436,21 +434,13 @@ module Koa {
private class RenderCall extends Templating::TemplateInstantiaton::Range, DataFlow::CallNode {
ContextSource ctx;
RenderCall() {
this = ctx.ref().getAMethodCall("render")
}
RenderCall() { this = ctx.ref().getAMethodCall("render") }
override DataFlow::SourceNode getOutput() {
none()
}
override DataFlow::SourceNode getOutput() { none() }
override DataFlow::Node getTemplateFileNode() {
result = getArgument(0)
}
override DataFlow::Node getTemplateFileNode() { result = getArgument(0) }
override DataFlow::Node getTemplateContentNode() {
none()
}
override DataFlow::Node getTemplateContentNode() { none() }
override DataFlow::Node getTemplateParamsNode() {
result = getArgument(1)

76
javascript/ql/src/semmle/javascript/frameworks/Templating.qll
View File

@@ -125,9 +125,7 @@ module Templating {
/**
* Gets the innermost JavaScript expression containing this template tag, if any.
*/
Expr getEnclosingExpr() {
expr_contains_template_tag_location(result, getLocation())
}
Expr getEnclosingExpr() { expr_contains_template_tag_location(result, getLocation()) }
}
/**
@@ -210,9 +208,7 @@ module Templating {
*
* If not known, the relevant syntax will be determined by a heuristic.
*/
TemplateSyntax getTemplateSyntax() {
result = range.getTemplateSyntax()
}
TemplateSyntax getTemplateSyntax() { result = range.getTemplateSyntax() }
}
/** Companion module to the `TemplateInstantiation` class. */
@@ -244,7 +240,12 @@ module Templating {
exists(TemplateInstantiaton inst, API::Node base, string name |
base.getARhs() = inst.getTemplateParamsNode() and
result = base.getMember(name) and
succ = inst.getTemplateFile().getAnImportedFile*().getAPlaceholder().getInnerTopLevel().getAVariableUse(name)
succ =
inst.getTemplateFile()
.getAnImportedFile*()
.getAPlaceholder()
.getInnerTopLevel()
.getAVariableUse(name)
)
or
exists(string prop, DataFlow::SourceNode prev |
@@ -322,7 +323,10 @@ module Templating {
/** Gets the template file referenced by this node. */
final TemplateFile getTemplateFile() {
result = this.getValue().(TemplateFileReferenceString).getTemplateFile(getFile().getParentContainer())
result =
this.getValue()
.(TemplateFileReferenceString)
.getTemplateFile(getFile().getParentContainer())
}
}
@@ -386,18 +390,12 @@ module Templating {
private class UpwardTraversalSuffix extends TemplateFileReferenceString {
TemplateFileReferenceString original;
UpwardTraversalSuffix() {
original = "../" + this
}
UpwardTraversalSuffix() { original = "../" + this }
override Folder getContextFolder() {
result = original.getContextFolder().getParentContainer()
}
override Folder getContextFolder() { result = original.getContextFolder().getParentContainer() }
/** Gets the original string including the `../` prefix. */
TemplateFileReferenceString getOriginal() {
result = original
}
TemplateFileReferenceString getOriginal() { result = original }
}
/**
@@ -484,7 +482,9 @@ module Templating {
* and vice versa in `B/components/foo.js`.
*/
pragma[nomagic]
private int getRankOfMatchingTarget(TemplateFile file, Folder baseFolder, TemplateFileReferenceString ref) {
private int getRankOfMatchingTarget(
TemplateFile file, Folder baseFolder, TemplateFileReferenceString ref
) {
file = getAMatchingTarget(ref) and
baseFolder = ref.getContextFolder() and
exists(string filePath, string refPath |
@@ -663,19 +663,21 @@ module Templating {
string rawPath;
TemplateInclusionTag() {
rawPath = getRawText().regexpCapture("[{<]% *(?:import|include|extend|require)s? *(?:[(] *)?['\"]?(.*?)['\"]? *(?:[)] *)?%[}>]", 1)
rawPath =
getRawText()
.regexpCapture("[{<]% *(?:import|include|extend|require)s? *(?:[(] *)?['\"]?(.*?)['\"]? *(?:[)] *)?%[}>]",
1)
or
rawPath = getRawText().regexpCapture("\\{\\{!?[<>](.*?)\\}\\}", 1)
}
/** Gets the imported path (normalized). */
string getPath() {
result = rawPath.trim().replaceAll("\\", "/").regexpReplaceAll("^\\./", "")
}
string getPath() { result = rawPath.trim().replaceAll("\\", "/").regexpReplaceAll("^\\./", "") }
/** Gets the file referenced by this inclusion tag. */
TemplateFile getImportedFile() {
result = getPath().(TemplateFileReferenceString).getTemplateFile(getFile().getParentContainer())
result =
getPath().(TemplateFileReferenceString).getTemplateFile(getFile().getParentContainer())
}
}
@@ -683,13 +685,9 @@ module Templating {
private class TemplateInclusionPathString extends TemplateFileReferenceString {
TemplateInclusionTag tag;
TemplateInclusionPathString() {
this = tag.getPath()
}
TemplateInclusionPathString() { this = tag.getPath() }
override Folder getContextFolder() {
result = tag.getFile().getParentContainer()
}
override Folder getContextFolder() { result = tag.getFile().getParentContainer() }
}
/**
@@ -698,13 +696,9 @@ module Templating {
private class ConsolidateCall extends TemplateInstantiaton::Range, API::CallNode {
string engine;
ConsolidateCall() {
this = API::moduleImport("consolidate").getMember(engine).getACall()
}
ConsolidateCall() { this = API::moduleImport("consolidate").getMember(engine).getACall() }
override TemplateSyntax getTemplateSyntax() {
result.getAPackageName() = engine
}
override TemplateSyntax getTemplateSyntax() { result.getAPackageName() = engine }
override DataFlow::SourceNode getOutput() {
result = getParameter([1, 2]).getParameter(1).getAnImmediateUse()
@@ -713,16 +707,10 @@ module Templating {
result = this
}
override DataFlow::Node getTemplateFileNode() {
result = getArgument(0)
}
override DataFlow::Node getTemplateFileNode() { result = getArgument(0) }
override DataFlow::Node getTemplateContentNode() {
none()
}
override DataFlow::Node getTemplateContentNode() { none() }
override DataFlow::Node getTemplateParamsNode() {
result = getArgument(1)
}
override DataFlow::Node getTemplateParamsNode() { result = getArgument(1) }
}
}

25
javascript/ql/src/semmle/javascript/security/dataflow/CodeInjectionCustomizations.qll
View File

@@ -77,7 +77,9 @@ module CodeInjection {
//
// For example, setting foo to `\` and bar to `, alert(1));//`, code injection is obtained.
tag.isInScriptTag() and
not tag.getEnclosingExpr() = getLastStringWithPlaceholderOnLine(tag.getLocation().getFile(), tag.getLocation().getStartLine())
not tag.getEnclosingExpr() =
getLastStringWithPlaceholderOnLine(tag.getLocation().getFile(),
tag.getLocation().getStartLine())
)
}
}
@@ -85,16 +87,17 @@ module CodeInjection {
/** Gets the last string literal containing a template placeholder on the given line. */
pragma[nomagic]
private StringLiteral getLastStringWithPlaceholderOnLine(File file, int line) {
result = max(StringLiteral lit, Location loc |
loc = lit.getLocation() and
loc.getFile() = file and
loc.getStartLine() = line and
lit = any(Templating::TemplatePlaceholderTag tag | tag.isEscapingInterpolation()).getEnclosingExpr()
|
lit
order by
loc.getStartColumn()
)
result =
max(StringLiteral lit, Location loc |
loc = lit.getLocation() and
loc.getFile() = file and
loc.getStartLine() = line and
lit =
any(Templating::TemplatePlaceholderTag tag | tag.isEscapingInterpolation())
.getEnclosingExpr()
|
lit order by loc.getStartColumn()
)
}
/**

8
javascript/ql/src/semmle/javascript/security/dataflow/FileAccessToHttpCustomizations.qll
View File

@@ -48,9 +48,7 @@ module FileAccessToHttp {
* A property access to `length`, seen as a sanitizer as it likely contains a number.
*/
private class LengthAccessAsSanitizer extends Sanitizer {
LengthAccessAsSanitizer() {
this.(DataFlow::PropRead).getPropertyName() = "length"
}
LengthAccessAsSanitizer() { this.(DataFlow::PropRead).getPropertyName() = "length" }
}
/**
@@ -58,8 +56,6 @@ module FileAccessToHttp {
* sent to the client via a template.
*/
private class GeneratedCodeAsSanitizer extends Sanitizer {
GeneratedCodeAsSanitizer() {
this.asExpr() instanceof GeneratedCodeExpr
}
GeneratedCodeAsSanitizer() { this.asExpr() instanceof GeneratedCodeExpr }
}
}