hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 01:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1013 from asger-semmle/closure-string-ops

Browse Source 
Approved by esben-semmle
This commit is contained in:
semmle-qlci
2019-03-01 10:31:27 +00:00
committed by GitHub
parent a6f3305edc 8dfec58428
commit 6cafe222c4
7 changed files with 55 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
javascript/ql/src/semmle/javascript/StringOps.qll
View File

@@ -112,14 +112,18 @@ module StringOps {
}
/**
* A call of form `_.startsWith(A, B)` or `ramda.startsWith(A, B)`.
* A call of form `_.startsWith(A, B)` or `ramda.startsWith(A, B)` or `goog.string.startsWith(A, B)`.
*/
private class StartsWith_Library extends Range, DataFlow::CallNode {
StartsWith_Library() {
getNumArgument() = 2 and
exists(DataFlow::SourceNode callee | this = callee.getACall() |
callee = LodashUnderscore::member("startsWith") or
callee = DataFlow::moduleMember("ramda", "startsWith")
callee = DataFlow::moduleMember("ramda", "startsWith") or
exists(string name |
callee = Closure::moduleImport("goog.string." + name) and
(name = "startsWith" or name = "caseInsensitiveStartsWith")
)
)
}
@@ -250,6 +254,9 @@ module StringOps {
exists(string name |
this = LodashUnderscore::member(name).getACall() and
(name = "includes" or name = "include" or name = "contains")
or
this = Closure::moduleImport("goog.string." + name).getACall() and
(name = "contains" or name = "caseInsensitiveContains")
)
}
@@ -416,7 +423,11 @@ module StringOps {
getNumArgument() = 2 and
exists(DataFlow::SourceNode callee | this = callee.getACall() |
callee = LodashUnderscore::member("endsWith") or
callee = DataFlow::moduleMember("ramda", "endsWith")
callee = DataFlow::moduleMember("ramda", "endsWith") or
exists(string name |
callee = Closure::moduleImport("goog.string." + name) and
(name = "endsWith" or name = "caseInsensitiveEndsWith")
)
)
}