update existing tests to work with FunctionReturnNode

2026-04-30 11:15:13 +02:00 · 2020-08-07 16:39:06 +02:00
parent 0edb46c20d
commit b9a98f51ea
4 changed files with 14 additions and 16 deletions
--- a/javascript/ql/test/library-tests/InterProceduralFlow/DataFlowConfig.qll
+++ b/javascript/ql/test/library-tests/InterProceduralFlow/DataFlowConfig.qll
@@ -17,14 +17,15 @@ class TestDataFlowConfiguration extends DataFlow::Configuration {
    )
  }

+  override predicate isBarrier(DataFlow::Node node) {
+    exists(Function f |
+      f.getName().matches("%noReturnTracking%") and
+      node = f.getAReturnedExpr().flow()
+    )
+  }
+
  override predicate isBarrierEdge(DataFlow::Node src, DataFlow::Node snk) {
    src = src and
    snk.asExpr().(PropAccess).getPropertyName() = "notTracked"
-    or
-    exists(Function f |
-      f.getName().matches("%noReturnTracking%") and
-      src = f.getAReturnedExpr().flow() and
-      snk.(DataFlow::InvokeNode).getACallee() = f
-    )
  }
 }
--- a/javascript/ql/test/library-tests/InterProceduralFlow/GermanFlow.expected
+++ b/javascript/ql/test/library-tests/InterProceduralFlow/GermanFlow.expected
@@ -53,8 +53,6 @@
 | tst2.js:3:17:3:26 | "tainted2" | tst2.js:11:15:11:24 | g(source2) |
 | tst2.js:6:24:6:37 | "also tainted" | tst2.js:10:15:10:24 | g(source1) |
 | tst2.js:6:24:6:37 | "also tainted" | tst2.js:11:15:11:24 | g(source2) |
-| tst3.js:2:17:2:26 | "tainted1" | tst3.js:6:15:6:40 | noRetur ... ource1) |
-| tst3.js:9:19:9:28 | "tainted2" | tst3.js:12:15:12:33 | noReturnTracking2() |
 | tst6.mjs:12:14:12:21 | "source" | tst6.mjs:14:12:14:16 | a.m() |
 | tst6.mjs:16:15:16:23 | "source2" | tst6.mjs:18:13:18:24 | a.m.call(a2) |
 | tst.js:2:17:2:22 | "src1" | tst.js:28:20:28:22 | elt |
--- a/javascript/ql/test/library-tests/InterProceduralFlow/TaintTracking.expected
+++ b/javascript/ql/test/library-tests/InterProceduralFlow/TaintTracking.expected
@@ -58,8 +58,6 @@
 | tst2.js:3:17:3:26 | "tainted2" | tst2.js:11:15:11:24 | g(source2) |
 | tst2.js:6:24:6:37 | "also tainted" | tst2.js:10:15:10:24 | g(source1) |
 | tst2.js:6:24:6:37 | "also tainted" | tst2.js:11:15:11:24 | g(source2) |
-| tst3.js:2:17:2:26 | "tainted1" | tst3.js:6:15:6:40 | noRetur ... ource1) |
-| tst3.js:9:19:9:28 | "tainted2" | tst3.js:12:15:12:33 | noReturnTracking2() |
 | tst4.js:2:16:2:24 | "tainted" | tst4.js:15:15:15:31 | id(still_tainted) |
 | tst4.js:2:16:2:24 | "tainted" | tst4.js:16:15:16:28 | p.also_tainted |
 | tst4.js:2:16:2:24 | "tainted" | tst4.js:17:15:17:28 | substr(source) |
--- a/javascript/ql/test/library-tests/InterProceduralFlow/TaintTracking.ql
+++ b/javascript/ql/test/library-tests/InterProceduralFlow/TaintTracking.ql
@@ -17,15 +17,16 @@ class TestTaintTrackingConfiguration extends TaintTracking::Configuration {
    )
  }

+  override predicate isSanitizer(DataFlow::Node node) {
+    exists(Function f |
+      f.getName().matches("%noReturnTracking%") and
+      node = f.getAReturnedExpr().flow()
+    )
+  }
+
  override predicate isSanitizerEdge(DataFlow::Node src, DataFlow::Node snk) {
    src = src and
    snk.asExpr().(PropAccess).getPropertyName() = "notTracked"
-    or
-    exists(Function f |
-      f.getName().matches("%noReturnTracking%") and
-      src = f.getAReturnedExpr().flow() and
-      snk.(DataFlow::InvokeNode).getACallee() = f
-    )
  }
 }