hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 02:05:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Autoformat and add qldoc

Browse Source
This commit is contained in:
Asger Feldthaus
2021-03-12 15:44:43 +00:00
parent 96c6e4d8d8
commit d52ff3e4f6
6 changed files with 23 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
javascript/ql/src/semmle/javascript/dataflow/TaintTracking.qll
View File

@@ -312,9 +312,8 @@ module TaintTracking {
*/
cached
private module Cached {
cached predicate forceStage() {
Stages::Taint::ref()
}
cached
predicate forceStage() { Stages::Taint::ref() }
/**
* Holds if `pred` → `succ` should be considered a taint-propagating
@@ -963,7 +962,8 @@ module TaintTracking {
getACaptureSetter(pred) = getANodeReachingCaptureRef(succ)
or
exists(StringReplaceCall replace |
getANodeReachingCaptureRef(succ) = replace.getReplacementCallback().getFunction().getEntry() and
getANodeReachingCaptureRef(succ) =
replace.getReplacementCallback().getFunction().getEntry() and
pred = replace.getReceiver()
)
}

1
javascript/ql/src/semmle/javascript/dataflow/internal/Unit.qll
View File

@@ -4,5 +4,6 @@ private newtype TUnit = MkUnit()
* A class with only one instance.
*/
class Unit extends TUnit {
/** Gets a textual representation of this element. */
final string toString() { result = "Unit" }
}

4
javascript/ql/src/semmle/javascript/frameworks/Angular2.qll
View File

@@ -590,7 +590,9 @@ module Angular2 {
private class MatTableDataSourceStep extends TaintTracking::SharedTaintStep {
override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
exists(DataFlow::NewNode invoke |
invoke = DataFlow::moduleMember("@angular/material/table", "MatTableDataSource").getAnInstantiation() and
invoke =
DataFlow::moduleMember("@angular/material/table", "MatTableDataSource")
.getAnInstantiation() and
pred = [invoke.getArgument(0), invoke.getAPropertyWrite("data").getRhs()] and
succ = invoke
)

6
javascript/ql/src/semmle/javascript/frameworks/Classnames.qll
View File

@@ -24,7 +24,11 @@ private class PlainStep extends TaintTracking::SharedTaintStep {
private class BindStep extends TaintTracking::SharedTaintStep {
override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
exists(DataFlow::CallNode bind | bind = classnames().getAMemberCall("bind") |
pred = [succ.(DataFlow::CallNode).getAnArgument(), bind.getAnArgument(), bind.getOptionArgument(_, _)] and
pred =
[
succ.(DataFlow::CallNode).getAnArgument(), bind.getAnArgument(),
bind.getOptionArgument(_, _)
] and
succ = bind.getACall()
)
}

5
javascript/ql/src/semmle/javascript/frameworks/ComposedFunctions.qll
View File

@@ -112,7 +112,10 @@ module FunctionCompositionCall {
private class ComposedFunctionTaintStep extends TaintTracking::SharedTaintStep {
override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
exists(int fnIndex, DataFlow::FunctionNode fn, FunctionCompositionCall composed, DataFlow::CallNode call |
exists(
int fnIndex, DataFlow::FunctionNode fn, FunctionCompositionCall composed,
DataFlow::CallNode call
|
fn = composed.getOperandFunction(fnIndex) and
call = composed.getACall()
|

7
javascript/ql/src/semmle/javascript/frameworks/Vue.qll
View File

@@ -307,7 +307,12 @@ module Vue {
private DataFlow::PropWrite getAPropertyValueWrite(string name) {
result = getData().getALocalSource().getAPropertyWrite(name)
or
result = getABoundFunction().getALocalSource().(DataFlow::FunctionNode).getReceiver().getAPropertyWrite(name)
result =
getABoundFunction()
.getALocalSource()
.(DataFlow::FunctionNode)
.getReceiver()
.getAPropertyWrite(name)
}
/**