add jsonWebToken library file to remove duplicate predicate declrations

2026-04-25 00:35:20 +02:00 · 2024-05-25 13:26:51 +02:00
parent 0895f7d971
commit f905ac10c4
4 changed files with 33 additions and 87 deletions
--- a/javascript/ql/src/experimental/Security/CWE-347-noVerification/JsonWebToken.ql
+++ b/javascript/ql/src/experimental/Security/CWE-347-noVerification/JsonWebToken.ql
@@ -12,35 +12,7 @@

 import javascript
 import DataFlow::PathGraph
-
-DataFlow::Node unverifiedDecode() {
-  result = API::moduleImport("jsonwebtoken").getMember("decode").getParameter(0).asSink()
-  or
-  exists(API::Node verify | verify = API::moduleImport("jsonwebtoken").getMember("verify") |
-    verify
-        .getParameter(2)
-        .getMember("algorithms")
-        .getUnknownMember()
-        .asSink()
-        .mayHaveStringValue("none") and
-    result = verify.getParameter(0).asSink()
-  )
-}
-
-DataFlow::Node verifiedDecode() {
-  exists(API::Node verify | verify = API::moduleImport("jsonwebtoken").getMember("verify") |
-    (
-      not verify
-          .getParameter(2)
-          .getMember("algorithms")
-          .getUnknownMember()
-          .asSink()
-          .mayHaveStringValue("none") or
-      not exists(verify.getParameter(2).getMember("algorithms"))
-    ) and
-    result = verify.getParameter(0).asSink()
-  )
-}
+import jsonWebToken

 class Configuration extends TaintTracking::Configuration {
  Configuration() { this = "jsonwebtoken without any signature verification" }
--- a/javascript/ql/src/experimental/Security/CWE-347-noVerification/JsonWebTokenLocalSource.ql
+++ b/javascript/ql/src/experimental/Security/CWE-347-noVerification/JsonWebTokenLocalSource.ql
@@ -12,35 +12,7 @@

 import javascript
 import DataFlow::PathGraph
-
-DataFlow::Node unverifiedDecode() {
-  result = API::moduleImport("jsonwebtoken").getMember("decode").getParameter(0).asSink()
-  or
-  exists(API::Node verify | verify = API::moduleImport("jsonwebtoken").getMember("verify") |
-    verify
-        .getParameter(2)
-        .getMember("algorithms")
-        .getUnknownMember()
-        .asSink()
-        .mayHaveStringValue("none") and
-    result = verify.getParameter(0).asSink()
-  )
-}
-
-DataFlow::Node verifiedDecode() {
-  exists(API::Node verify | verify = API::moduleImport("jsonwebtoken").getMember("verify") |
-    (
-      not verify
-          .getParameter(2)
-          .getMember("algorithms")
-          .getUnknownMember()
-          .asSink()
-          .mayHaveStringValue("none") or
-      not exists(verify.getParameter(2).getMember("algorithms"))
-    ) and
-    result = verify.getParameter(0).asSink()
-  )
-}
+import jsonWebToken

 class Configuration extends TaintTracking::Configuration {
  Configuration() { this = "jsonwebtoken without any signature verification" }
--- a/javascript/ql/src/experimental/Security/CWE-347-noVerification/JsonWebTokenNotWorking.ql
+++ b/javascript/ql/src/experimental/Security/CWE-347-noVerification/JsonWebTokenNotWorking.ql
@@ -12,35 +12,7 @@

 import javascript
 import DataFlow::PathGraph
-
-DataFlow::Node unverifiedDecode() {
-  result = API::moduleImport("jsonwebtoken").getMember("decode").getParameter(0).asSink()
-  or
-  exists(API::Node verify | verify = API::moduleImport("jsonwebtoken").getMember("verify") |
-    verify
-        .getParameter(2)
-        .getMember("algorithms")
-        .getUnknownMember()
-        .asSink()
-        .mayHaveStringValue("none") and
-    result = verify.getParameter(0).asSink()
-  )
-}
-
-DataFlow::Node verifiedDecode() {
-  exists(API::Node verify | verify = API::moduleImport("jsonwebtoken").getMember("verify") |
-    (
-      not verify
-          .getParameter(2)
-          .getMember("algorithms")
-          .getUnknownMember()
-          .asSink()
-          .mayHaveStringValue("none") or
-      not exists(verify.getParameter(2).getMember("algorithms"))
-    ) and
-    result = verify.getParameter(0).asSink()
-  )
-}
+import jsonWebToken

 class ConfigurationUnverifiedDecode extends TaintTracking::Configuration {
  ConfigurationUnverifiedDecode() { this = "jsonwebtoken without any signature verification" }
--- a/javascript/ql/src/experimental/Security/CWE-347-noVerification/jsonWebToken.qll
+++ b/javascript/ql/src/experimental/Security/CWE-347-noVerification/jsonWebToken.qll
@@ -0,0 +1,30 @@
+import javascript
+
+DataFlow::Node unverifiedDecode() {
+  result = API::moduleImport("jsonwebtoken").getMember("decode").getParameter(0).asSink()
+  or
+  exists(API::Node verify | verify = API::moduleImport("jsonwebtoken").getMember("verify") |
+    verify
+        .getParameter(2)
+        .getMember("algorithms")
+        .getUnknownMember()
+        .asSink()
+        .mayHaveStringValue("none") and
+    result = verify.getParameter(0).asSink()
+  )
+}
+
+DataFlow::Node verifiedDecode() {
+  exists(API::Node verify | verify = API::moduleImport("jsonwebtoken").getMember("verify") |
+    (
+      not verify
+          .getParameter(2)
+          .getMember("algorithms")
+          .getUnknownMember()
+          .asSink()
+          .mayHaveStringValue("none") or
+      not exists(verify.getParameter(2).getMember("algorithms"))
+    ) and
+    result = verify.getParameter(0).asSink()
+  )
+}