JS: fixed issue where MaskingReplacer would work only with regexp literals but not objects

javascript/ql/lib/semmle/javascript/security/dataflow/CleartextLoggingCustomizations.qll

@@ -38,7 +38,10 @@ module CleartextLogging {
     MaskingReplacer() {
       this.isGlobal() and
       exists(this.getRawReplacement().getStringValue()) and
-      any(RegExpDot term).getLiteral() = this.getRegExp().asExpr()
+      exists(DataFlow::RegExpCreationNode regexpObj |
+        this.(StringReplaceCall).getRegExp() = regexpObj and
+        regexpObj.getRoot() = any(RegExpDot term)
+      )
     }
   }
 

javascript/ql/test/query-tests/Security/CWE-312/CleartextLogging.expected

@@ -139,10 +139,6 @@ nodes
 | passwords.js:176:17:176:26 | myPasscode |
 | passwords.js:176:17:176:26 | myPasscode |
 | passwords.js:176:17:176:26 | myPasscode |
-| passwords.js:181:14:181:21 | password |
-| passwords.js:181:14:181:21 | password |
-| passwords.js:181:14:181:56 | passwor ... ), "*") |
-| passwords.js:181:14:181:56 | passwor ... ), "*") |
 | passwords.js:182:14:182:21 | password |
 | passwords.js:182:14:182:21 | password |
 | passwords.js:182:14:182:51 | passwor ... ), "*") |
@@ -297,10 +293,6 @@ edges
 | passwords.js:170:11:170:18 | password | passwords.js:170:11:170:39 | passwor ... g, "*") |
 | passwords.js:173:17:173:26 | myPassword | passwords.js:173:17:173:26 | myPassword |
 | passwords.js:176:17:176:26 | myPasscode | passwords.js:176:17:176:26 | myPasscode |
-| passwords.js:181:14:181:21 | password | passwords.js:181:14:181:56 | passwor ... ), "*") |
-| passwords.js:181:14:181:21 | password | passwords.js:181:14:181:56 | passwor ... ), "*") |
-| passwords.js:181:14:181:21 | password | passwords.js:181:14:181:56 | passwor ... ), "*") |
-| passwords.js:181:14:181:21 | password | passwords.js:181:14:181:56 | passwor ... ), "*") |
 | passwords.js:182:14:182:21 | password | passwords.js:182:14:182:51 | passwor ... ), "*") |
 | passwords.js:182:14:182:21 | password | passwords.js:182:14:182:51 | passwor ... ), "*") |
 | passwords.js:182:14:182:21 | password | passwords.js:182:14:182:51 | passwor ... ), "*") |
@@ -356,7 +348,6 @@ edges
 | passwords.js:170:11:170:39 | passwor ... g, "*") | passwords.js:170:11:170:18 | password | passwords.js:170:11:170:39 | passwor ... g, "*") | This logs sensitive data returned by $@ as clear text. | passwords.js:170:11:170:18 | password | an access to password |
 | passwords.js:173:17:173:26 | myPassword | passwords.js:173:17:173:26 | myPassword | passwords.js:173:17:173:26 | myPassword | This logs sensitive data returned by $@ as clear text. | passwords.js:173:17:173:26 | myPassword | an access to myPassword |
 | passwords.js:176:17:176:26 | myPasscode | passwords.js:176:17:176:26 | myPasscode | passwords.js:176:17:176:26 | myPasscode | This logs sensitive data returned by $@ as clear text. | passwords.js:176:17:176:26 | myPasscode | an access to myPasscode |
-| passwords.js:181:14:181:56 | passwor ... ), "*") | passwords.js:181:14:181:21 | password | passwords.js:181:14:181:56 | passwor ... ), "*") | This logs sensitive data returned by $@ as clear text. | passwords.js:181:14:181:21 | password | an access to password |
 | passwords.js:182:14:182:51 | passwor ... ), "*") | passwords.js:182:14:182:21 | password | passwords.js:182:14:182:51 | passwor ... ), "*") | This logs sensitive data returned by $@ as clear text. | passwords.js:182:14:182:21 | password | an access to password |
 | passwords.js:183:14:183:67 | passwor ... ), "*") | passwords.js:183:14:183:21 | password | passwords.js:183:14:183:67 | passwor ... ), "*") | This logs sensitive data returned by $@ as clear text. | passwords.js:183:14:183:21 | password | an access to password |
 | passwords_in_server_1.js:6:13:6:20 | password | passwords_in_server_1.js:6:13:6:20 | password | passwords_in_server_1.js:6:13:6:20 | password | This logs sensitive data returned by $@ as clear text. | passwords_in_server_1.js:6:13:6:20 | password | an access to password |

javascript/ql/test/query-tests/Security/CWE-312/passwords.js

@@ -178,7 +178,7 @@ const debug = require('debug')('test');
 
 (function () {
     console.log(password.replace(/./g, "*")); // OK
-	console.log(password.replace(new RegExp(".", "g"), "*")); // OK -- Currently flagged, though it shouldn't be
+	console.log(password.replace(new RegExp(".", "g"), "*")); // OK
 	console.log(password.replace(new RegExp("."), "*")); // NOT OK
 	console.log(password.replace(new RegExp(".", unknownFlags()), "*")); // OK -- Currently flagged, though maybe it should not be.
 })();