hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 20:25:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Enhance PipeCall to exclude non-function and non-object arguments in pipe method detection

Browse Source
This commit is contained in:
Napalys Klicius
2025-05-22 12:19:05 +02:00
parent 4332de464a
commit d7f86db76c
3 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
javascript/ql/src/Quality/UnhandledStreamPipe.ql
View File

@@ -15,7 +15,12 @@ import javascript
* A call to the `pipe` method on a Node.js stream.
*/
class PipeCall extends DataFlow::MethodCallNode {
PipeCall() { this.getMethodName() = "pipe" and this.getNumArgument() = [1, 2] }
PipeCall() {
this.getMethodName() = "pipe" and
this.getNumArgument() = [1, 2] and
not this.getArgument(0).asExpr() instanceof Function and
not this.getArgument(0).asExpr() instanceof ObjectExpr
}
/** Gets the source stream (receiver of the pipe call). */
DataFlow::Node getSourceStream() { result = this.getReceiver() }

2
javascript/ql/test/query-tests/Quality/UnhandledStreamPipe/test.expected
View File

@@ -15,7 +15,5 @@
| test.js:185:5:185:32 | copyStr ... nation) | Stream pipe without error handling on the source stream. Errors won't propagate downstream and may be silently dropped. |
| test.js:190:17:190:40 | notStre ... itable) | Stream pipe without error handling on the source stream. Errors won't propagate downstream and may be silently dropped. |
| test.js:195:17:195:40 | notStre ... itable) | Stream pipe without error handling on the source stream. Errors won't propagate downstream and may be silently dropped. |
| test.js:199:5:199:22 | notStream.pipe({}) | Stream pipe without error handling on the source stream. Errors won't propagate downstream and may be silently dropped. |
| test.js:203:5:203:26 | notStre ... ()=>{}) | Stream pipe without error handling on the source stream. Errors won't propagate downstream and may be silently dropped. |
| test.js:207:5:207:64 | getStre ... e(dest) | Stream pipe without error handling on the source stream. Errors won't propagate downstream and may be silently dropped. |
| test.js:212:5:212:56 | getStre ... e(dest) | Stream pipe without error handling on the source stream. Errors won't propagate downstream and may be silently dropped. |

4
javascript/ql/test/query-tests/Quality/UnhandledStreamPipe/test.js
View File

@@ -196,11 +196,11 @@ function test() {
}
{
const notStream = getNotAStream();
notStream.pipe({}); // $SPURIOUS:Alert
notStream.pipe({});
}
{
const notStream = getNotAStream();
notStream.pipe(()=>{}); // $SPURIOUS:Alert
notStream.pipe(()=>{});
}
{
const plumber = require('gulp-plumber');