Merge pull request #1006 from asger-semmle/express-end

JS: Treat res.end() as alias for res.send() in Express
2025-12-16 16:53:25 +01:00 · 2019-03-01 10:30:06 +00:00
parent bc8906ba82 2dc7f32ca3
commit a6f3305edc
2 changed files with 5 additions and 3 deletions
--- a/change-notes/1.20/analysis-javascript.md
+++ b/change-notes/1.20/analysis-javascript.md
@@ -5,6 +5,7 @@
 * Support for many frameworks and libraries has been improved, in particular including the following:
  - [a-sync-waterfall](https://www.npmjs.com/package/a-sync-waterfall)
  - [Electron](https://electronjs.org)
+  - [Express](https://npmjs.org/express)
  - [hapi](https://hapijs.com/)
  - [js-cookie](https://github.com/js-cookie/js-cookie)
  - [React](https://reactjs.org/)
--- a/javascript/ql/src/semmle/javascript/frameworks/Express.qll
+++ b/javascript/ql/src/semmle/javascript/frameworks/Express.qll
@@ -604,14 +604,15 @@ module Express {
  }

  /**
-   * An argument passed to the `send` method of an HTTP response object.
+   * An argument passed to the `send` or `end` method of an HTTP response object.
   */
  private class ResponseSendArgument extends HTTP::ResponseSendArgument {
    RouteHandler rh;

    ResponseSendArgument() {
-      exists(MethodCallExpr mce |
-        mce.calls(rh.getAResponseExpr(), "send") and
+      exists(MethodCallExpr mce, string name |
+        mce.calls(rh.getAResponseExpr(), name) and
+        (name = "send" or name = "end") and
        this = mce.getArgument(0)
      )
    }