hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-20 14:17:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

Expose invoke nodes for external API sinks

Browse Source
This commit is contained in:
Henry Mercer
2021-03-05 21:33:57 +00:00
parent e90e03f119
commit a5ecb6e8f9
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
javascript/ql/src/semmle/javascript/security/dataflow/ExternalAPIUsedWithUntrustedDataCustomizations.qll
View File

@@ -27,6 +27,8 @@ module ExternalAPIUsedWithUntrustedData {
* have to scan over many irrelevant sinks in order to pick out the interesting ones.
*/
abstract string getApiName();
abstract DataFlow::InvokeNode getInvokeNode();
}
/**
@@ -301,6 +303,8 @@ module ExternalAPIUsedWithUntrustedData {
}
override string getApiName() { result = invoke.getApiName() + " [param " + index + "]" }
override DataFlow::InvokeNode getInvokeNode() { result = invoke }
}
/** A spread argument or an unknown-index argument to an external API. */
@@ -317,6 +321,8 @@ module ExternalAPIUsedWithUntrustedData {
}
override string getApiName() { result = invoke.getApiName() + " [param *]" }
override DataFlow::InvokeNode getInvokeNode() { result = invoke }
}
/** A "named argument" to an external API call, seen as a sink. */
@@ -343,6 +349,8 @@ module ExternalAPIUsedWithUntrustedData {
override string getApiName() {
result = invoke.getApiName() + " [param " + index + " '" + prop + "']"
}
override DataFlow::InvokeNode getInvokeNode() { result = invoke }
}
/** The return value from a direct callback to an external API call, seen as a sink */
@@ -359,6 +367,8 @@ module ExternalAPIUsedWithUntrustedData {
override string getApiName() {
result = invoke.getApiName() + " [callback " + index + " result]"
}
override DataFlow::InvokeNode getInvokeNode() { result = invoke }
}
/** The return value from a named callback to an external API call, seen as a sink. */
@@ -379,5 +389,7 @@ module ExternalAPIUsedWithUntrustedData {
override string getApiName() {
result = invoke.getApiName() + " [callback " + index + " '" + prop + "' result]"
}
override DataFlow::InvokeNode getInvokeNode() { result = invoke }
}
}