hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 08:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: follow proper code standards for get predicates

Browse Source 
Co-authored-by: asgerf <asgerf@github.com>
This commit is contained in:
Napalys
2024-11-29 11:32:10 +01:00
parent 3171f38cdd
commit 9d4e737bc2
1 changed files with 5 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
javascript/ql/src/Security/CWE-116/IncompleteSanitization.ql
View File

@@ -146,23 +146,18 @@ predicate whitelistedRemoval(StringReplaceCall repl) {
/**
* Gets a nice string representation of the pattern or value of the node.
*/
predicate getPatternOrValueString(DataFlow::Node node, string patternOrValue) {
string getPatternOrValueString(DataFlow::Node node) {
if node instanceof DataFlow::RegExpConstructorInvokeNode
then
exists(DataFlow::RegExpConstructorInvokeNode regExp |
node = regExp and
patternOrValue = "/" + regExp.getRoot() + "/"
)
else patternOrValue = node.toString()
then result = "/" + node.(DataFlow::RegExpConstructorInvokeNode).getRoot() + "/"
else result = node.toString()
}
from StringReplaceCall repl, DataFlow::Node old, string patternOrValue, string msg
from StringReplaceCall repl, DataFlow::Node old, string msg
where
(old = repl.getArgument(0) or old = repl.getRegExp()) and
getPatternOrValueString(old, patternOrValue) and
(
not repl.maybeGlobal() and
msg = "This replaces only the first occurrence of " + patternOrValue + "." and
msg = "This replaces only the first occurrence of " + getPatternOrValueString(old) + "." and
// only flag if this is likely to be a sanitizer or URL encoder or decoder
exists(string m | m = getAMatchedString(old) |
// sanitizer