hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8606 from asgerf/js/api-graph-api

Browse Source 
JS/Python/Ruby: Document how API graphs should be interpreted
This commit is contained in:
Asger F
2022-05-30 10:49:14 +02:00
committed by GitHub
parent 7d171f86ea 87cbf7b216
commit cc42f2f824
63 changed files with 411 additions and 323 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
javascript/ql/test/library-tests/Routing/test.ql
View File

@@ -9,12 +9,12 @@ class Taint extends TaintTracking::Configuration {
override predicate isSource(DataFlow::Node node) {
node.(DataFlow::CallNode).getCalleeName() = "source"
or
node = testInstance().getMember("getSource").getReturn().getAnImmediateUse()
node = testInstance().getMember("getSource").getReturn().asSource()
}
override predicate isSink(DataFlow::Node node) {
node = any(DataFlow::CallNode call | call.getCalleeName() = "sink").getAnArgument()
or
node = testInstance().getMember("getSink").getAParameter().getARhs()
node = testInstance().getMember("getSink").getAParameter().asSink()
}
}

4
javascript/ql/test/library-tests/frameworks/Express/MiddlewareFlow.qll
View File

@@ -1,3 +1,5 @@
import javascript
query DataFlow::Node dbUse() { result = API::moduleImport("@example/db").getInstance().getAUse() }
query DataFlow::Node dbUse() {
result = API::moduleImport("@example/db").getInstance().getAValueReachableFromSource()
}

6
javascript/ql/test/library-tests/frameworks/data/test.ql
View File

@@ -62,13 +62,13 @@ class BasicTaintTracking extends TaintTracking::Configuration {
override predicate isSource(DataFlow::Node source) {
source.(DataFlow::CallNode).getCalleeName() = "source"
or
source = ModelOutput::getASourceNode("test-source").getAnImmediateUse()
source = ModelOutput::getASourceNode("test-source").asSource()
}
override predicate isSink(DataFlow::Node sink) {
sink = any(DataFlow::CallNode call | call.getCalleeName() = "sink").getAnArgument()
or
sink = ModelOutput::getASinkNode("test-sink").getARhs()
sink = ModelOutput::getASinkNode("test-sink").asSink()
}
}
@@ -77,7 +77,7 @@ query predicate taintFlow(DataFlow::Node source, DataFlow::Node sink) {
}
query predicate isSink(DataFlow::Node node, string kind) {
node = ModelOutput::getASinkNode(kind).getARhs()
node = ModelOutput::getASinkNode(kind).asSink()
}
class SyntaxErrorTest extends ModelInput::SinkModelCsv {