Merge pull request #1894 from asger-semmle/fp-incorrect-suffix-check

Approved by xiemaisi
2026-05-02 04:05:14 +02:00 · 2019-09-09 15:33:47 +01:00
parent 89cba089b4 dfd18a51ee
commit e899250e87
3 changed files with 14 additions and 1 deletions
--- a/javascript/ql/src/Security/CWE-020/IncorrectSuffixCheck.ql
+++ b/javascript/ql/src/Security/CWE-020/IncorrectSuffixCheck.ql
@@ -35,7 +35,11 @@ class IndexOfCall extends DataFlow::MethodCallNode {
   */
  IndexOfCall getAnEquivalentIndexOfCall() {
    result.getReceiver().getALocalSource() = this.getReceiver().getALocalSource() and
-    result.getArgument(0).getALocalSource() = this.getArgument(0).getALocalSource() and
+    (
+      result.getArgument(0).getALocalSource() = this.getArgument(0).getALocalSource()
+      or
+      result.getArgument(0).getStringValue() = this.getArgument(0).getStringValue()
+    ) and
    result.getMethodName() = this.getMethodName()
  }

--- a/javascript/ql/test/query-tests/Security/CWE-020/tst.js
+++ b/javascript/ql/test/query-tests/Security/CWE-020/tst.js
@@ -89,3 +89,11 @@ function withIndexOfCheckLowerEq(x, y) {
  let index = x.indexOf(y);
  return !(index <= -1) && index === x.length - y.length - 1; // OK
 }
+
+function lastIndexNeqMinusOne(x) {
+  return x.lastIndexOf("example.com") !== -1 && x.lastIndexOf("example.com") === x.length - "example.com".length; // OK
+}
+
+function lastIndexEqMinusOne(x) {
+  return x.lastIndexOf("example.com") === -1 || x.lastIndexOf("example.com") === x.length - "example.com".length; // OK
+}