mirror of
https://github.com/github/codeql.git
JS: Make implicit this receivers explicit
@@ -220,7 +220,7 @@ private class DomBasedXssSinkCharacteristic extends EndpointCharacteristic {
|
||||
) {
|
||||
endpointClass instanceof XssSinkType and
|
||||
isPositiveIndicator = true and
|
||||
confidence = maximalConfidence()
|
||||
confidence = this.maximalConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -238,7 +238,7 @@ private class TaintedPathSinkCharacteristic extends EndpointCharacteristic {
|
||||
) {
|
||||
endpointClass instanceof TaintedPathSinkType and
|
||||
isPositiveIndicator = true and
|
||||
confidence = maximalConfidence()
|
||||
confidence = this.maximalConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -256,7 +256,7 @@ private class SqlInjectionSinkCharacteristic extends EndpointCharacteristic {
|
||||
) {
|
||||
endpointClass instanceof SqlInjectionSinkType and
|
||||
isPositiveIndicator = true and
|
||||
confidence = maximalConfidence()
|
||||
confidence = this.maximalConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -274,7 +274,7 @@ private class NosqlInjectionSinkCharacteristic extends EndpointCharacteristic {
|
||||
) {
|
||||
endpointClass instanceof NosqlInjectionSinkType and
|
||||
isPositiveIndicator = true and
|
||||
confidence = maximalConfidence()
|
||||
confidence = this.maximalConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -296,7 +296,7 @@ private class ShellCommandInjectionFromEnvironmentSinkCharacteristic extends End
|
||||
) {
|
||||
endpointClass instanceof ShellCommandInjectionFromEnvironmentSinkType and
|
||||
isPositiveIndicator = true and
|
||||
confidence = maximalConfidence()
|
||||
confidence = this.maximalConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -335,7 +335,7 @@ abstract private class NotASinkCharacteristic extends EndpointCharacteristic {
|
||||
) {
|
||||
endpointClass instanceof NegativeType and
|
||||
isPositiveIndicator = true and
|
||||
confidence = highConfidence()
|
||||
confidence = this.highConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -354,7 +354,7 @@ abstract class LikelyNotASinkCharacteristic extends EndpointCharacteristic {
|
||||
) {
|
||||
endpointClass instanceof NegativeType and
|
||||
isPositiveIndicator = true and
|
||||
confidence = mediumConfidence()
|
||||
confidence = this.mediumConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -685,7 +685,7 @@ abstract private class StandardEndpointFilterCharacteristic extends EndpointFilt
|
||||
) {
|
||||
endpointClass instanceof NegativeType and
|
||||
isPositiveIndicator = true and
|
||||
confidence = mediumConfidence()
|
||||
confidence = this.mediumConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -786,7 +786,7 @@ abstract private class NosqlInjectionSinkEndpointFilterCharacteristic extends En
|
||||
) {
|
||||
endpointClass instanceof NosqlInjectionSinkType and
|
||||
isPositiveIndicator = false and
|
||||
confidence = mediumConfidence()
|
||||
confidence = this.mediumConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -817,7 +817,7 @@ private class ModeledSinkCharacteristic extends NosqlInjectionSinkEndpointFilter
|
||||
override predicate appliesToEndpoint(DataFlow::Node n) {
|
||||
exists(DataFlow::CallNode call | n = call.getAnArgument() |
|
||||
// Remove modeled sinks
|
||||
isArgumentToKnownLibrarySinkFunction(n)
|
||||
this.isArgumentToKnownLibrarySinkFunction(n)
|
||||
)
|
||||
}
|
||||
}
|
||||
@@ -928,7 +928,7 @@ abstract private class SqlInjectionSinkEndpointFilterCharacteristic extends Endp
|
||||
) {
|
||||
endpointClass instanceof SqlInjectionSinkType and
|
||||
isPositiveIndicator = false and
|
||||
confidence = mediumConfidence()
|
||||
confidence = this.mediumConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1002,7 +1002,7 @@ abstract private class TaintedPathSinkEndpointFilterCharacteristic extends Endpo
|
||||
) {
|
||||
endpointClass instanceof TaintedPathSinkType and
|
||||
isPositiveIndicator = false and
|
||||
confidence = mediumConfidence()
|
||||
confidence = this.mediumConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1055,7 +1055,7 @@ abstract private class XssSinkEndpointFilterCharacteristic extends EndpointFilte
|
||||
) {
|
||||
endpointClass instanceof XssSinkType and
|
||||
isPositiveIndicator = false and
|
||||
confidence = mediumConfidence()
|
||||
confidence = this.mediumConfidence()
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -24,7 +24,7 @@ abstract class EndpointType extends TEndpointType {
|
||||
*/
|
||||
abstract int getEncoding();
|
||||
|
||||
string toString() { result = getDescription() }
|
||||
string toString() { result = this.getDescription() }
|
||||
}
|
||||
|
||||
/** The `Negative` class that can be predicted by endpoint scoring models. */
|
||||
|
||||
@@ -33,7 +33,7 @@ class NosqlInjectionAtmConfig extends AtmConfig {
|
||||
sink.(NosqlInjection::Sink).getAFlowLabel() = label
|
||||
or
|
||||
// Allow effective sinks to have any taint label
|
||||
isEffectiveSink(sink)
|
||||
this.isEffectiveSink(sink)
|
||||
}
|
||||
|
||||
override predicate isSanitizer(DataFlow::Node node) {
|
||||
@@ -49,11 +49,11 @@ class NosqlInjectionAtmConfig extends AtmConfig {
|
||||
DataFlow::Node src, DataFlow::Node trg, DataFlow::FlowLabel inlbl, DataFlow::FlowLabel outlbl
|
||||
) {
|
||||
// additional flow steps from the base (non-boosted) security query
|
||||
isBaseAdditionalFlowStep(src, trg, inlbl, outlbl)
|
||||
this.isBaseAdditionalFlowStep(src, trg, inlbl, outlbl)
|
||||
or
|
||||
// relaxed version of previous step to track taint through unmodeled NoSQL query objects
|
||||
isEffectiveSink(trg) and
|
||||
src = getASubexpressionWithinQuery(trg)
|
||||
this.isEffectiveSink(trg) and
|
||||
src = this.getASubexpressionWithinQuery(trg)
|
||||
}
|
||||
|
||||
/** Holds if src -> trg is an additional flow step in the non-boosted NoSql injection security query. */
|
||||
@@ -80,9 +80,9 @@ class NosqlInjectionAtmConfig extends AtmConfig {
|
||||
* involving more complex queries.
|
||||
*/
|
||||
private DataFlow::Node getASubexpressionWithinQuery(DataFlow::Node query) {
|
||||
isEffectiveSink(query) and
|
||||
this.isEffectiveSink(query) and
|
||||
exists(DataFlow::SourceNode receiver |
|
||||
receiver = [getASubexpressionWithinQuery(query), query].getALocalSource()
|
||||
receiver = [this.getASubexpressionWithinQuery(query), query].getALocalSource()
|
||||
|
|
||||
result =
|
||||
[
|
||||
|
||||
@@ -25,7 +25,7 @@ class TaintedPathAtmConfig extends AtmConfig {
|
||||
label = sink.(TaintedPath::Sink).getAFlowLabel()
|
||||
or
|
||||
// Allow effective sinks to have any taint label
|
||||
isEffectiveSink(sink)
|
||||
this.isEffectiveSink(sink)
|
||||
}
|
||||
|
||||
override predicate isSanitizer(DataFlow::Node node) { node instanceof TaintedPath::Sanitizer }
|
||||
@@ -54,10 +54,10 @@ class TaintedPathAtmConfig extends AtmConfig {
|
||||
private class BarrierGuardNodeAsSanitizerGuardNode extends TaintTracking::LabeledSanitizerGuardNode instanceof TaintedPath::BarrierGuardNode
|
||||
{
|
||||
override predicate sanitizes(boolean outcome, Expr e) {
|
||||
blocks(outcome, e) or blocks(outcome, e, _)
|
||||
this.blocks(outcome, e) or this.blocks(outcome, e, _)
|
||||
}
|
||||
|
||||
override predicate sanitizes(boolean outcome, Expr e, DataFlow::FlowLabel label) {
|
||||
sanitizes(outcome, e) and exists(label)
|
||||
this.sanitizes(outcome, e) and exists(label)
|
||||
}
|
||||
}
|
||||
|
||||
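Review bot: In `BarrierGuardNodeAsSanitizerGuardNode`, the two-argument `sanitizes` accepts `this.blocks(outcome, e, _)`, discarding what is presumably the flow label, and the three-argument override then holds for every `label` through `exists(label)`, so a barrier guard that blocks only one label is treated as sanitizing all of them. The pre-change line shows the same `_`, so this appears to predate the commit, but in a path-traversal query an over-broad sanitizer means missed results rather than extra ones. If ignoring labels is intended, a comment should say so, for example `// Labels are deliberately ignored: a barrier guard for any label sanitizes every label.` Otherwise the three-argument predicate could forward the label, along the lines of `this.blocks(outcome, e, label)`, which would need checking against the declaration of `blocks`, not visible on this page.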
@@ -13,7 +13,7 @@ newtype TEndpointLabel =
|
||||
abstract class EndpointLabel extends TEndpointLabel {
|
||||
abstract string getEncoding();
|
||||
|
||||
string toString() { result = getEncoding() }
|
||||
string toString() { result = this.getEncoding() }
|
||||
}
|
||||
|
||||
class SinkLabel extends EndpointLabel, TSinkLabel {
|
||||
|
||||
@@ -15,7 +15,7 @@ newtype TQuery =
|
||||
abstract class Query extends TQuery {
|
||||
abstract string getName();
|
||||
|
||||
string toString() { result = getName() }
|
||||
string toString() { result = this.getName() }
|
||||
}
|
||||
|
||||
class NosqlInjectionQuery extends Query, TNosqlInjectionQuery {
|
||||
|
||||