JS: Update NoSQL model

2026-04-28 10:15:14 +02:00 · 2020-11-23 16:17:00 +00:00
parent b6b8a55b37
commit c146e044ca
1 changed files with 10 additions and 16 deletions
--- a/javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll
+++ b/javascript/ql/src/semmle/javascript/frameworks/NoSQL.qll
@@ -62,22 +62,20 @@ private module MongoDB {
  }

  /** A call to a MongoDB query method. */
-  private class QueryCall extends DatabaseAccess, DataFlow::CallNode {
+  private class QueryCall extends DatabaseAccess, API::CallNode {
    int queryArgIdx;
-    API::Node callee;

    QueryCall() {
      exists(string method |
        CollectionMethodSignatures::interpretsArgumentAsQuery(method, queryArgIdx) and
-        callee = getACollection().getMember(method)
-      ) and
-      this = callee.getACall()
+        this = getACollection().getMember(method).getACall()
+      )
    }

    override DataFlow::Node getAQueryArgument() { result = getArgument(queryArgIdx) }

    DataFlow::Node getACodeOperator() {
-      result = getADollarWhereProperty(callee.getParameter(queryArgIdx))
+      result = getADollarWhereProperty(getParameter(queryArgIdx))
    }
  }

@@ -670,14 +668,12 @@ private module Minimongo {
  }

  /** A call to a Minimongo query method. */
-  private class QueryCall extends DatabaseAccess, DataFlow::MethodCallNode {
+  private class QueryCall extends DatabaseAccess, API::CallNode {
    int queryArgIdx;
-    API::Node callee;

    QueryCall() {
      exists(string m |
-        callee = API::moduleImport("minimongo").getAMember().getReturn().getAMember().getMember(m) and
-        this = callee.getACall() and
+        this = API::moduleImport("minimongo").getAMember().getReturn().getAMember().getMember(m).getACall() and
        CollectionMethodSignatures::interpretsArgumentAsQuery(m, queryArgIdx)
      )
    }
@@ -685,7 +681,7 @@ private module Minimongo {
    override DataFlow::Node getAQueryArgument() { result = getArgument(queryArgIdx) }

    DataFlow::Node getACodeOperator() {
-      result = getADollarWhereProperty(callee.getParameter(queryArgIdx))
+      result = getADollarWhereProperty(getParameter(queryArgIdx))
    }
  }

@@ -706,14 +702,12 @@ private module Minimongo {
 */
 private module MarsDB {
  /** A call to a MarsDB query method. */
-  private class QueryCall extends DatabaseAccess, DataFlow::MethodCallNode {
+  private class QueryCall extends DatabaseAccess, API::MethodCallNode {
    int queryArgIdx;
-    API::Node callee;

    QueryCall() {
      exists(string m |
-        callee = API::moduleImport("marsdb").getMember("Collection").getInstance().getMember(m) and
-        this = callee.getACall() and
+        this = API::moduleImport("marsdb").getMember("Collection").getInstance().getMember(m).getACall() and
        // implements parts of the Minimongo interface
        Minimongo::CollectionMethodSignatures::interpretsArgumentAsQuery(m, queryArgIdx)
      )
@@ -722,7 +716,7 @@ private module MarsDB {
    override DataFlow::Node getAQueryArgument() { result = getArgument(queryArgIdx) }

    DataFlow::Node getACodeOperator() {
-      result = getADollarWhereProperty(callee.getParameter(queryArgIdx))
+      result = getADollarWhereProperty(getParameter(queryArgIdx))
    }
  }