Merge branch 'main' into revertSum

javascript/ql/test/query-tests/Security/CWE-078/UnsafeShellCommandConstruction.expected

@@ -191,16 +191,16 @@ nodes
 | lib/lib.js:340:22:340:26 | id(n) |
 | lib/lib.js:340:22:340:26 | id(n) |
 | lib/lib.js:340:25:340:25 | n |
-| lib/lib.js:343:29:343:34 | unsafe |
-| lib/lib.js:343:29:343:34 | unsafe |
-| lib/lib.js:345:22:345:27 | unsafe |
-| lib/lib.js:345:22:345:27 | unsafe |
-| lib/lib.js:354:20:354:23 | opts |
-| lib/lib.js:354:20:354:23 | opts |
-| lib/lib.js:355:20:355:23 | opts |
-| lib/lib.js:355:20:355:34 | opts.learn_args |
-| lib/lib.js:360:28:360:42 | this.learn_args |
-| lib/lib.js:360:28:360:42 | this.learn_args |
+| lib/lib.js:349:29:349:34 | unsafe |
+| lib/lib.js:349:29:349:34 | unsafe |
+| lib/lib.js:351:22:351:27 | unsafe |
+| lib/lib.js:351:22:351:27 | unsafe |
+| lib/lib.js:360:20:360:23 | opts |
+| lib/lib.js:360:20:360:23 | opts |
+| lib/lib.js:361:20:361:23 | opts |
+| lib/lib.js:361:20:361:34 | opts.learn_args |
+| lib/lib.js:366:28:366:42 | this.learn_args |
+| lib/lib.js:366:28:366:42 | this.learn_args |
 edges
 | lib/lib2.js:3:28:3:31 | name | lib/lib2.js:4:22:4:25 | name |
 | lib/lib2.js:3:28:3:31 | name | lib/lib2.js:4:22:4:25 | name |
@@ -427,15 +427,15 @@ edges
 | lib/lib.js:339:39:339:39 | n | lib/lib.js:340:25:340:25 | n |
 | lib/lib.js:340:25:340:25 | n | lib/lib.js:340:22:340:26 | id(n) |
 | lib/lib.js:340:25:340:25 | n | lib/lib.js:340:22:340:26 | id(n) |
-| lib/lib.js:343:29:343:34 | unsafe | lib/lib.js:345:22:345:27 | unsafe |
-| lib/lib.js:343:29:343:34 | unsafe | lib/lib.js:345:22:345:27 | unsafe |
-| lib/lib.js:343:29:343:34 | unsafe | lib/lib.js:345:22:345:27 | unsafe |
-| lib/lib.js:343:29:343:34 | unsafe | lib/lib.js:345:22:345:27 | unsafe |
-| lib/lib.js:354:20:354:23 | opts | lib/lib.js:355:20:355:23 | opts |
-| lib/lib.js:354:20:354:23 | opts | lib/lib.js:355:20:355:23 | opts |
-| lib/lib.js:355:20:355:23 | opts | lib/lib.js:355:20:355:34 | opts.learn_args |
-| lib/lib.js:355:20:355:34 | opts.learn_args | lib/lib.js:360:28:360:42 | this.learn_args |
-| lib/lib.js:355:20:355:34 | opts.learn_args | lib/lib.js:360:28:360:42 | this.learn_args |
+| lib/lib.js:349:29:349:34 | unsafe | lib/lib.js:351:22:351:27 | unsafe |
+| lib/lib.js:349:29:349:34 | unsafe | lib/lib.js:351:22:351:27 | unsafe |
+| lib/lib.js:349:29:349:34 | unsafe | lib/lib.js:351:22:351:27 | unsafe |
+| lib/lib.js:349:29:349:34 | unsafe | lib/lib.js:351:22:351:27 | unsafe |
+| lib/lib.js:360:20:360:23 | opts | lib/lib.js:361:20:361:23 | opts |
+| lib/lib.js:360:20:360:23 | opts | lib/lib.js:361:20:361:23 | opts |
+| lib/lib.js:361:20:361:23 | opts | lib/lib.js:361:20:361:34 | opts.learn_args |
+| lib/lib.js:361:20:361:34 | opts.learn_args | lib/lib.js:366:28:366:42 | this.learn_args |
+| lib/lib.js:361:20:361:34 | opts.learn_args | lib/lib.js:366:28:366:42 | this.learn_args |
 #select
 | lib/lib2.js:4:10:4:25 | "rm -rf " + name | lib/lib2.js:3:28:3:31 | name | lib/lib2.js:4:22:4:25 | name | $@ based on library input is later used in $@. | lib/lib2.js:4:10:4:25 | "rm -rf " + name | String concatenation | lib/lib2.js:4:2:4:26 | cp.exec ... + name) | shell command |
 | lib/lib2.js:8:10:8:25 | "rm -rf " + name | lib/lib2.js:7:32:7:35 | name | lib/lib2.js:8:22:8:25 | name | $@ based on library input is later used in $@. | lib/lib2.js:8:10:8:25 | "rm -rf " + name | String concatenation | lib/lib2.js:8:2:8:26 | cp.exec ... + name) | shell command |
@@ -491,5 +491,5 @@ edges
 | lib/lib.js:320:11:320:26 | "rm -rf " + name | lib/lib.js:314:40:314:43 | name | lib/lib.js:320:23:320:26 | name | $@ based on library input is later used in $@. | lib/lib.js:320:11:320:26 | "rm -rf " + name | String concatenation | lib/lib.js:320:3:320:27 | cp.exec ... + name) | shell command |
 | lib/lib.js:325:12:325:51 | "MyWind ... " + arg | lib/lib.js:324:40:324:42 | arg | lib/lib.js:325:49:325:51 | arg | $@ based on library input is later used in $@. | lib/lib.js:325:12:325:51 | "MyWind ... " + arg | String concatenation | lib/lib.js:326:2:326:13 | cp.exec(cmd) | shell command |
 | lib/lib.js:340:10:340:26 | "rm -rf " + id(n) | lib/lib.js:339:39:339:39 | n | lib/lib.js:340:22:340:26 | id(n) | $@ based on library input is later used in $@. | lib/lib.js:340:10:340:26 | "rm -rf " + id(n) | String concatenation | lib/lib.js:340:2:340:27 | cp.exec ...  id(n)) | shell command |
-| lib/lib.js:345:10:345:27 | "rm -rf " + unsafe | lib/lib.js:343:29:343:34 | unsafe | lib/lib.js:345:22:345:27 | unsafe | $@ based on library input is later used in $@. | lib/lib.js:345:10:345:27 | "rm -rf " + unsafe | String concatenation | lib/lib.js:345:2:345:28 | cp.exec ... unsafe) | shell command |
-| lib/lib.js:360:17:360:56 | "learn  ... + model | lib/lib.js:354:20:354:23 | opts | lib/lib.js:360:28:360:42 | this.learn_args | $@ based on library input is later used in $@. | lib/lib.js:360:17:360:56 | "learn  ... + model | String concatenation | lib/lib.js:361:3:361:18 | cp.exec(command) | shell command |
+| lib/lib.js:351:10:351:27 | "rm -rf " + unsafe | lib/lib.js:349:29:349:34 | unsafe | lib/lib.js:351:22:351:27 | unsafe | $@ based on library input is later used in $@. | lib/lib.js:351:10:351:27 | "rm -rf " + unsafe | String concatenation | lib/lib.js:351:2:351:28 | cp.exec ... unsafe) | shell command |
+| lib/lib.js:366:17:366:56 | "learn  ... + model | lib/lib.js:360:20:360:23 | opts | lib/lib.js:366:28:366:42 | this.learn_args | $@ based on library input is later used in $@. | lib/lib.js:366:17:366:56 | "learn  ... + model | String concatenation | lib/lib.js:367:3:367:18 | cp.exec(command) | shell command |

javascript/ql/test/query-tests/Security/CWE-078/lib/lib.js

@@ -340,6 +340,12 @@ module.exports.problematic = function(n) {
 	cp.exec("rm -rf " + id(n)); // NOT OK
 };
 
+module.exports.typeofNumber = function(n) {
+	if (typeof n === "number") {
+		cp.exec("rm -rf " + n); // OK
+	}
+};
+
 function boundProblem(safe, unsafe) {
 	cp.exec("rm -rf " + safe); // OK
 	cp.exec("rm -rf " + unsafe); // NOT OK