hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: sharpen the js/trivial-conditional whitelist

Browse Source
This commit is contained in:
Esben Sparre Andreasen
2019-01-24 14:58:15 +01:00
parent feeb391737
commit ef3b107cc1
4 changed files with 50 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
javascript/ql/src/Statements/UselessConditional.ql
View File

@@ -65,17 +65,24 @@ predicate isInitialParameterUse(Expr e) {
}
/**
* Holds if `e` directly uses the returned value from a function call that returns a constant boolean value.
* Holds if `e` directly uses the returned value from functions that return constant boolean values.
*/
predicate isConstantBooleanReturnValue(Expr e) {
// unlike `SourceNode.flowsTo` this will not include uses we have refinement information for
exists(DataFlow::CallNode call | exists(call.analyze().getTheBooleanValue()) |
e = call.asExpr()
or
// also support return values that are assigned to variables
exists(SsaExplicitDefinition ssa |
ssa.getDef().getSource() = call.asExpr() and
ssa.getVariable().getAUse() = e
exists(string b | (b = "true" or b = "false") |
forex(DataFlow::CallNode call, Expr ret |
ret = call.getACallee().getAReturnedExpr() and
(
e = call.asExpr()
or
// also support return values that are assigned to variables
exists(SsaExplicitDefinition ssa |
ssa.getDef().getSource() = call.asExpr() and
ssa.getVariable().getAUse() = e
)
)
|
ret.(BooleanLiteral).getValue() = b
)
)
or