hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 11:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Fix bad join order in PropertyProjection

Browse Source
This commit is contained in:
Asger Feldthaus
2021-03-25 08:58:28 +00:00
parent bd3f6d1234
commit dbc6cf63c2
1 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
javascript/ql/src/semmle/javascript/frameworks/PropertyProjection.qll
View File

@@ -75,10 +75,6 @@ private DataFlow::SourceNode getASimplePropertyProjectionCallee(
) {
singleton = false and
(
result = LodashUnderscore::member("pick") and
objectIndex = 0 and
selectorIndex = [1 .. max(result.getACall().getNumArgument())]
or
result = LodashUnderscore::member("pickBy") and
objectIndex = 0 and
selectorIndex = 1
@@ -131,6 +127,19 @@ private class SimplePropertyProjection extends PropertyProjection::Range {
override predicate isSingletonProjection() { singleton = true }
}
/**
* A property projection with a variable number of selector indices.
*/
private class VarArgsPropertyProjection extends PropertyProjection::Range {
VarArgsPropertyProjection() { this = LodashUnderscore::member("pick").getACall() }
override DataFlow::Node getObject() { result = getArgument(0) }
override DataFlow::Node getASelector() { result = getArgument(any(int i | i > 0)) }
override predicate isSingletonProjection() { none() }
}
/**
* A taint step for a property projection.
*/