diff --git a/javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll b/javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll index f8836e51ad9..922dd5acc86 100644 --- a/javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll +++ b/javascript/ql/lib/semmle/javascript/dataflow/internal/DataFlowPrivate.qll @@ -1212,8 +1212,8 @@ private predicate valuePreservingStep(Node node1, Node node2) { or node2 = FlowSteps::getThrowTarget(node1) or - FlowSummaryPrivate::Steps::summaryLocalStep(node1.(FlowSummaryNode).getSummaryNode(), - node2.(FlowSummaryNode).getSummaryNode(), true, _) // TODO: preserve 'model' + FlowSummaryPrivate::Steps::summaryLocalStep(node1, node2.(FlowSummaryNode).getSummaryNode(), true, + _) // TODO: preserve 'model' } predicate knownSourceModel(Node sink, string model) { none() } diff --git a/javascript/ql/lib/semmle/javascript/dataflow/internal/FlowSummaryPrivate.qll b/javascript/ql/lib/semmle/javascript/dataflow/internal/FlowSummaryPrivate.qll index fe7bab98341..a7519f4180b 100644 --- a/javascript/ql/lib/semmle/javascript/dataflow/internal/FlowSummaryPrivate.qll +++ b/javascript/ql/lib/semmle/javascript/dataflow/internal/FlowSummaryPrivate.qll @@ -142,6 +142,10 @@ string encodeArgumentPosition(ArgumentPosition pos) { ReturnKind getStandardReturnValueKind() { result = MkNormalReturnKind() and Stage::ref() } private module FlowSummaryStepInput implements Private::StepsInputSig { + Private::SummaryNode getSummaryNode(DataFlow::Node n) { + result = n.(FlowSummaryNode).getSummaryNode() + } + overlay[global] DataFlowCall getACall(SummarizedCallable sc) { exists(LibraryCallable callable | callable = sc | diff --git a/javascript/ql/lib/semmle/javascript/dataflow/internal/TaintTrackingPrivate.qll b/javascript/ql/lib/semmle/javascript/dataflow/internal/TaintTrackingPrivate.qll index 548d06ef64f..e7b3a6e5658 100644 --- a/javascript/ql/lib/semmle/javascript/dataflow/internal/TaintTrackingPrivate.qll +++ b/javascript/ql/lib/semmle/javascript/dataflow/internal/TaintTrackingPrivate.qll @@ -12,8 +12,8 @@ cached predicate defaultAdditionalTaintStep(DataFlow::Node node1, DataFlow::Node node2) { TaintTracking::AdditionalTaintStep::step(node1, node2) or - FlowSummaryPrivate::Steps::summaryLocalStep(node1.(FlowSummaryNode).getSummaryNode(), - node2.(FlowSummaryNode).getSummaryNode(), false, _) // TODO: preserve 'model' parameter + FlowSummaryPrivate::Steps::summaryLocalStep(node1, node2.(FlowSummaryNode).getSummaryNode(), + false, _) // TODO: preserve 'model' parameter or // Convert steps out of array elements to plain taint steps FlowSummaryPrivate::Steps::summaryReadStep(node1.(FlowSummaryNode).getSummaryNode(), diff --git a/javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/DataFlowArg.qll b/javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/DataFlowArg.qll index 76992ed02cf..0f0966cb27c 100644 --- a/javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/DataFlowArg.qll +++ b/javascript/ql/lib/semmle/javascript/dataflow/internal/sharedlib/DataFlowArg.qll @@ -3,6 +3,7 @@ private import DataFlowImplSpecific private import codeql.dataflow.DataFlow as SharedDataFlow private import codeql.dataflow.TaintTracking as SharedTaintTracking private import codeql.dataflow.internal.FlowSummaryImpl as FlowSummaryImpl +private import codeql.util.Void module JSDataFlow implements SharedDataFlow::InputSig { import Private @@ -28,6 +29,8 @@ module JSFlowSummary implements FlowSummaryImpl::InputSig private import semmle.javascript.dataflow.internal.FlowSummaryPrivate as FlowSummaryPrivate import FlowSummaryPrivate + class FlowSummaryCallBase = Void; + overlay[local] predicate callableFromSource(SummarizedCallableBase c) { none() }