fix that js/file-system-race could have FPs related to loops

2026-04-30 19:26:02 +02:00 · 2022-10-11 13:41:51 +02:00
parent 02656b16c3
commit 7500a31814
2 changed files with 6 additions and 1 deletions
--- a/javascript/ql/src/Security/CWE-367/FileSystemRace.ql
+++ b/javascript/ql/src/Security/CWE-367/FileSystemRace.ql
@@ -106,7 +106,7 @@ predicate useAfterCheck(FileCheck check, FileUse use) {
    )
  )
  or
-  check.getBasicBlock().getASuccessor+() = use.getBasicBlock()
+  check.getBasicBlock().(ReachableBasicBlock).strictlyDominates(use.getBasicBlock())
 }

 from FileCheck check, FileUse use
--- a/javascript/ql/test/query-tests/Security/CWE-367/tst.js
+++ b/javascript/ql/test/query-tests/Security/CWE-367/tst.js
@@ -41,3 +41,8 @@ const filePath3 = createFile();
 if (fs.existsSync(filePath3)) {
  fs.readFileSync(filePath3); // OK - a read after an existence check is OK 
 }
+
+const filePath4 = createFile();
+while(Math.random() > 0.5) {
+    fs.open(filePath4); // OK - it is only ever opened here.
+}