add support for the teleport-javascript library

Erik Krogh Kristensen
2021-06-24 11:15:10 +02:00
parent 9261b7f859
commit babf657d9d
5 changed files with 9 additions and 3 deletions


@@ -26,7 +26,7 @@ private class PlainJsonParserCall extends JsonParserCall {
PlainJsonParserCall() {
exists(DataFlow::SourceNode callee | this = callee.getACall() |
callee = DataFlow::globalVarRef("JSON").getAPropertyRead("parse") or
callee = DataFlow::moduleMember(["json3", "json5", "flatted"], "parse") or
callee = DataFlow::moduleMember(["json3", "json5", "flatted", "teleport-javascript"], "parse") or
callee = DataFlow::moduleImport("parse-json") or
callee = DataFlow::moduleImport("json-parse-better-errors") or
callee = DataFlow::moduleImport("json-safe-parse") or
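Review bot: The module list `["json3", "json5", "flatted", "teleport-javascript"]` in the `moduleMember(..., "parse")` disjunct is now maintained by hand in two places: here and in the `JsonStringifyCall` constructor changed by the same commit. A library added to one model can be missed in the other, which would leave a gap in taint propagation through that library. Consider a comment above the disjunct such as `// JSON-like libraries with a parse member; keep in sync with JsonStringifyCall`, or a shared private predicate that yields these module names. The characteristic predicate continues past the end of the hunk, so its remaining disjuncts are not visible here.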


@@ -11,7 +11,8 @@ class JsonStringifyCall extends DataFlow::CallNode {
JsonStringifyCall() {
exists(DataFlow::SourceNode callee | this = callee.getACall() |
callee = DataFlow::globalVarRef("JSON").getAPropertyRead("stringify") or
callee = DataFlow::moduleMember(["json3", "json5", "flatted"], "stringify") or
callee =
DataFlow::moduleMember(["json3", "json5", "flatted", "teleport-javascript"], "stringify") or
callee =
DataFlow::moduleImport([
"json-stringify-safe", "json-stable-stringify", "stringify-object",


@@ -93,6 +93,7 @@ typeInferenceMismatch
| json-stringify.js:2:16:2:23 | source() | json-stringify.js:21:8:21:46 | new jso ... source) |
| json-stringify.js:2:16:2:23 | source() | json-stringify.js:24:8:24:43 | json5.s ... ource)) |
| json-stringify.js:2:16:2:23 | source() | json-stringify.js:27:8:27:47 | flatted ... ource)) |
| json-stringify.js:2:16:2:23 | source() | json-stringify.js:30:8:30:49 | telepor ... ource)) |
| json-stringify.js:3:15:3:22 | source() | json-stringify.js:8:8:8:31 | jsonStr ... (taint) |
| nested-props.js:4:13:4:20 | source() | nested-props.js:5:10:5:14 | obj.x |
| nested-props.js:9:18:9:25 | source() | nested-props.js:10:10:10:16 | obj.x.y |


@@ -25,4 +25,7 @@ function foo() {
const flatted = require('flatted');
sink(flatted.stringify(flatted.parse(source))); // NOT OK
const teleport = require('teleport-javascript');
sink(teleport.stringify(teleport.parse(source))); // NOT OK
}
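Review bot: The added `sink(teleport.stringify(teleport.parse(source)))` case checks only the parse/stringify round trip, so if its row disappears from the expected output it is unclear whether the `parse` model or the `stringify` model regressed. This mirrors the existing `flatted` case, but a separate line such as `sink(teleport.parse(source)); // NOT OK` would pin the parser model on its own, with the matching row added to the expected-output file. The body of `foo` starts outside the hunk, and an equivalent check may already exist in another test file.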